GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
530 advisories
Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Critical
GHSA-2f4r-34m4-3w8q
was published
for
auth0/wordpress
(Composer)
May 17, 2025
Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Critical
GHSA-9wg9-93h9-j8ch
was published
for
auth0/symfony
(Composer)
May 17, 2025
ThinkAdmin insecure unserialize vulnerability
Critical
CVE-2020-23653
was published
for
zoujingli/thinkadmin
(Composer)
May 24, 2022
YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download
Critical
CVE-2025-46348
was published
for
yeswiki/yeswiki
(Composer)
Apr 29, 2025
Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)
Critical
CVE-2022-47408
was published
for
fixpunkt/fp-newsletter
(Composer)
Dec 14, 2022
Volt Allows RCE Via User-Crafted Requests
Critical
CVE-2025-27517
was published
for
livewire/volt
(Composer)
Mar 5, 2025
Improper Authorization vulnerability in Magento and Adobe Commerce
Critical
CVE-2025-24434
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
X-Forwarded-For header allows brute-forcing autoblocked IP addresses
Critical
CVE-2023-29141
was published
for
mediawiki/core
(Composer)
Mar 31, 2023
ProTip!
Advisories are also available from the
GraphQL API