GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

336 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to... Critical Unreviewed

CVE-2025-25962 was published Apr 29, 2025

org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type Critical

CVE-2025-32974 was published for org.xwiki.platform:xwiki-platform-security-requiredrights-default (Maven) Apr 29, 2025

The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed

CVE-2025-3278 was published Apr 19, 2025

An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed

CVE-2025-28399 was published Apr 15, 2025

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed

CVE-2025-2798 was published Apr 4, 2025

The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication... Critical Unreviewed

CVE-2025-2237 was published Apr 1, 2025

An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via... Critical Unreviewed

CVE-2025-22937 was published Mar 31, 2025

The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is... Critical Unreviewed

CVE-2025-2232 was published Mar 14, 2025

The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed

CVE-2025-0177 was published Mar 8, 2025

The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed

CVE-2024-12281 was published Mar 5, 2025

The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed

CVE-2024-11951 was published Mar 5, 2025

The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed

CVE-2024-8420 was published Feb 28, 2025

Infoblox NIOS through 8.6.4 executes with more privileges than required. Critical Unreviewed

CVE-2024-36046 was published Feb 28, 2025

Easy!Appointments Improper Restriction of Excessive Authentication Attempts Critical

CVE-2024-57602 was published for alextselegidis/easyappointments (Composer) Feb 13, 2025

MaysWind ezBookkeeping has Improper Privilege Management Critical

CVE-2024-57604 was published for github.com/mayswind/ezbookkeeping (Go) Feb 13, 2025

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up... Critical Unreviewed

CVE-2025-0180 was published Feb 11, 2025

An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via... Critical Unreviewed

CVE-2024-55215 was published Feb 8, 2025

The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2024-9636 was published Jan 15, 2025

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed

CVE-2024-9479 was published Nov 20, 2024

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed

CVE-2024-9478 was published Nov 20, 2024

Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data... Critical Unreviewed

CVE-2024-8074 was published Nov 12, 2024

RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical

GHSA-x7xj-jvwp-97rv was published for github.com/rancher/rke2 (Go) Oct 25, 2024

Rancher Remote Code Execution via Cluster/Node Drivers Critical

CVE-2024-22036 was published for github.com/rancher/rancher (Go) Oct 25, 2024

Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical

CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024

The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2024-9518 was published Oct 10, 2024

Previous 12…14 Next

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

336 advisories