GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,344
Erlang: 31
GitHub Actions: 22
Go: 2,109
Maven: 5,000+
npm: 3,767
NuGet: 680
pip: 3,453
Pub: 12
RubyGems: 892
Rust: 887
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243,521 advisories
CVE-2025-20887 (Moderate, Unreviewed), published Feb 4, 2025: Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025...
CVE-2024-10237 (High, Unreviewed), published Feb 4, 2025: There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD...
CVE-2025-20882 (High, Unreviewed), published Feb 4, 2025: Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan...
CVE-2024-12597 (Moderate, Unreviewed), published Feb 4, 2025: The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross...
CVE-2025-20883 (Moderate, Unreviewed), published Feb 4, 2025: Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers...
CVE-2024-10238 (High, Unreviewed), published Feb 4, 2025: A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG...
CVE-2024-13607 (Moderate, Unreviewed), published Feb 4, 2025: The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to...
CVE-2024-13514 (Moderate, Unreviewed), published Feb 4, 2025: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information...
CVE-2025-20881 (High, Unreviewed), published Feb 4, 2025: Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to...
CVE-2024-12046 (Moderate, Unreviewed), published Feb 4, 2025: The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object...
CVE-2025-20888 (High, Unreviewed), published Feb 4, 2025: Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025...
CVE-2024-10239 (High, Unreviewed), published Feb 4, 2025: A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 ....
CVE-2024-13327 (Unknown, Unreviewed), published Feb 4, 2025: The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before...
CVE-2024-13329 (Unknown, Unreviewed), published Feb 4, 2025: The Solidres WordPress plugin through 0.9.4 does not sanitise and escape a parameter before...
CVE-2025-0466 (Unknown, Unreviewed), published Feb 4, 2025: The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some of its REST API routes...
CVE-2024-13330 (Unknown, Unreviewed), published Feb 4, 2025: The JustRows free WordPress plugin through 0.2 does not sanitise and escape a parameter before...
CVE-2024-13331 (Unknown, Unreviewed), published Feb 4, 2025: The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter...
CVE-2025-0368 (Unknown, Unreviewed), published Feb 4, 2025: The Banner Garden Plugin for WordPress plugin through 0.1.3 does not sanitise and escape a...
CVE-2024-13328 (Unknown, Unreviewed), published Feb 4, 2025: The Giga Messenger WordPress plugin through 2.3.1 does not sanitise and escape a parameter...
CVE-2024-13326 (Unknown, Unreviewed), published Feb 4, 2025: The iBuildApp WordPress plugin through 0.2.0 does not sanitise and escape a parameter before...
CVE-2024-13332 (Unknown, Unreviewed), published Feb 4, 2025: The TransFinanz WordPress plugin through 1.0.0 does not sanitise and escape a parameter before...
CVE-2025-24982 (Moderate, Unreviewed), published Feb 4, 2025: Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2...
CVE-2024-13114 (Unknown, Unreviewed), published Feb 4, 2025: The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise...
CVE-2024-13115 (Unknown, Unreviewed), published Feb 4, 2025: The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have...
CVE-2024-13325 (Unknown, Unreviewed), published Feb 4, 2025: The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before...
ProTip! Advisories are also available from the GraphQL API.