GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
103,831 advisories
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-11260 was published Feb 21, 2025

An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via...
High | Unreviewed | CVE-2025-22973 was published Feb 21, 2025

S3-Proxy allows Reflected Cross-site Scripting (XSS) in template implementation
High | CVE-2025-27088 was published for github.com/oxyno-zeta/s3-proxy/cmd/s3-proxy (Go) Feb 20, 2025

Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an...
High | Unreviewed | CVE-2025-0352 was published Feb 20, 2025

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which...
High | Unreviewed | CVE-2023-51336 was published Feb 20, 2025

Cosmos SDK: Groups module can halt chain when handling a malicious proposal
High | GHSA-x5vx-95h7-rv4p was published for github.com/cosmos/cosmos-sdk (Go) Feb 20, 2025

A memory leak has been identified in the parseSWF_SOUNDINFO function in util/parser.c of libming...
High | Unreviewed | CVE-2025-26305 was published Feb 20, 2025

A memory leak has been identified in the parseSWF_EXPORTASSETS function in util/parser.c of...
High | Unreviewed | CVE-2025-26304 was published Feb 20, 2025

PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows...
High | Unreviewed | CVE-2023-51333 was published Feb 20, 2025

An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C4EM-125: OMF_C4E 101.05...
High | Unreviewed | CVE-2024-46933 was published Feb 20, 2025

IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local...
High | Unreviewed | CVE-2025-0161 was published Feb 20, 2025

PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows...
High | Unreviewed | CVE-2023-51319 was published Feb 20, 2025

A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers...
High | Unreviewed | CVE-2023-51314 was published Feb 20, 2025

PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which...
High | Unreviewed | CVE-2023-51313 was published Feb 20, 2025

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Bus Reservation System v1...
High | Unreviewed | CVE-2023-51316 was published Feb 20, 2025

The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
High | Unreviewed | CVE-2025-1039 was published Feb 20, 2025

Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547,...
High | Unreviewed | CVE-2023-27517 was published Feb 20, 2025

Improper access control in some Intel(R) Optane(TM) PMem 100 Series Management Software before...
High | Unreviewed | CVE-2023-22311 was published Feb 20, 2025

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity...
High | Unreviewed | CVE-2024-49781 was published Feb 20, 2025

The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery...
High | Unreviewed | CVE-2024-13753 was published Feb 20, 2025

The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-13792 was published Feb 20, 2025

The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13476 was published Feb 20, 2025

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and...
High | Unreviewed | CVE-2024-13888 was published Feb 20, 2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High | Unreviewed | CVE-2025-26856 was published Feb 20, 2025

Hermes improperly validates a JWT
High | CVE-2025-1293 was published for github.com/hashicorp-forge/hermes (Go) Feb 20, 2025

ProTip! Advisories are also available from the GraphQL API.