Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

94,406 advisories

Loading
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed
CVE-2024-12365 was published Jan 14, 2025
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin... High Unreviewed
CVE-2025-0394 was published Jan 14, 2025
SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform... High Unreviewed
CVE-2025-0061 was published Jan 14, 2025
Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed
CVE-2025-23082 was published Jan 14, 2025
SAP NetWeaver AS ABAP and ABAP Platform does not check for authorization when a user executes... High Unreviewed
CVE-2025-0063 was published Jan 14, 2025
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or... High Unreviewed
CVE-2025-0069 was published Jan 14, 2025
An improper privilege management vulnerability in the web management interface of the Zyxel... High Unreviewed
CVE-2024-12398 was published Jan 14, 2025
A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for... High Unreviewed
CVE-2024-11128 was published Jan 14, 2025
An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with... High Unreviewed
CVE-2024-46480 was published Jan 13, 2025
The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to... High Unreviewed
CVE-2024-46481 was published Jan 13, 2025
Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin. High Unreviewed
CVE-2025-22963 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22514 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22567 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22506 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22569 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22568 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22570 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22576 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22583 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22588 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22586 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22499 was published Jan 13, 2025
An improper array index validation vulnerability exists in the determineMinMax functionality of... High Unreviewed
CVE-2024-52333 was published Jan 13, 2025
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS... High Unreviewed
CVE-2024-47796 was published Jan 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22337 was published Jan 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database