GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
892 advisories
Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to...
High | Unreviewed | CVE-2025-3575 was published Apr 15, 2025

A vulnerability was found in Tutorials-Website Employee Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2025-3537 was published Apr 13, 2025

A vulnerability was found in Tutorials-Website Employee Management System 1.0 and classified as...
Moderate | Unreviewed | CVE-2025-3536 was published Apr 13, 2025

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile...
Moderate | Unreviewed | CVE-2025-3292 was published Apr 12, 2025

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile...
Moderate | Unreviewed | CVE-2025-3282 was published Apr 12, 2025

The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in...
High | Unreviewed | CVE-2025-2526 was published Apr 8, 2025

An insecure direct object reference (IDOR) in the component /assets/stafffiles of OS4ED openSIS...
High | Unreviewed | CVE-2025-22931 was published Apr 3, 2025

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager allows...
Moderate | Unreviewed | CVE-2025-31867 was published Apr 1, 2025

Authorization Bypass Through User-Controlled Key vulnerability in themeglow JobBoard Job listing...
Moderate | Unreviewed | CVE-2025-31833 was published Apr 1, 2025

Authorization Bypass Through User-Controlled Key vulnerability in PalsCode Support Genix allows...
Moderate | Unreviewed | CVE-2025-30777 was published Mar 27, 2025

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object...
High | Unreviewed | CVE-2024-13558 was published Mar 20, 2025

An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi...
High | Unreviewed | CVE-2024-12048 was published Mar 20, 2025

An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows...
Critical | Unreviewed | CVE-2024-11167 was published Mar 20, 2025

An improper access control vulnerability (IDOR) exists in the delete attachments functionality of...
High | Unreviewed | CVE-2024-10366 was published Mar 20, 2025

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege...
High | Unreviewed | CVE-2025-1667 was published Mar 15, 2025

The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate | Unreviewed | CVE-2024-13407 was published Mar 14, 2025

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in...
Critical | Unreviewed | CVE-2024-11284 was published Mar 14, 2025

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in...
Critical | Unreviewed | CVE-2024-11285 was published Mar 14, 2025

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass...
High | Unreviewed | CVE-2024-53406 was published Mar 13, 2025

A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access...
High | Unreviewed | CVE-2025-2271 was published Mar 13, 2025

The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-13887 was published Mar 13, 2025

Authorization Bypass Through User-Controlled Key vulnerability in shanebp BP Email Assign...
Moderate | Unreviewed | CVE-2025-28874 was published Mar 11, 2025

SAP Fiori applications using the posting library fail to properly configure security settings...
Moderate | Unreviewed | CVE-2025-26660 was published Mar 11, 2025

The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an...
Moderate | Unreviewed | CVE-2025-27436 was published Mar 11, 2025

The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain...
Moderate | Unreviewed | CVE-2025-27433 was published Mar 11, 2025