GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,889
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,942
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up... Moderate Unreviewed

CVE-2023-2897 was published Jun 9, 2023

The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing... Moderate Unreviewed

CVE-2022-4537 was published Jul 6, 2023

The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address... Moderate Unreviewed

CVE-2022-4532 was published Aug 17, 2024

Serilog Client IP Spoofing vulnerability Moderate

CVE-2024-44930 was published for Serilog.Enrichers.ClientInfo (NuGet) Aug 29, 2024

The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions... Moderate Unreviewed

CVE-2022-4536 was published Aug 31, 2024

The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in... Moderate Unreviewed

CVE-2022-4539 was published Aug 31, 2024

The Security, Antivirus, Firewall – S.A.F plugin for WordPress is vulnerable to IP Address... Moderate Unreviewed

CVE-2022-4529 was published Sep 5, 2024

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in... Moderate Unreviewed

CVE-2022-4533 was published Sep 19, 2024

The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address... Moderate Unreviewed

CVE-2022-4534 was published Oct 8, 2024

TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc) Moderate

CVE-2025-24856 was published for causal/oidc (Composer) Jan 28, 2025

PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4... Moderate Unreviewed

CVE-2024-54840 was published Feb 3, 2025

SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes... Moderate Unreviewed

CVE-2025-43918 was published Apr 20, 2025

Bypass Connection Restriction vulnerability in Hitachi Infrastructure Analytics Advisor (Data... Moderate Unreviewed

CVE-2025-1245 was published May 16, 2025

The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern... Moderate Unreviewed

CVE-2025-47149 was published May 23, 2025

Movable Type contains an issue with use of less trusted source. If exploited, tampered email to... Moderate Unreviewed

CVE-2025-53522 was published Aug 20, 2025

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15 advisories