Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,124
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

856 advisories

Loading
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26375 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26368 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26378 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26371 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26372 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26370 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26369 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26377 was published Feb 12, 2025
The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed
CVE-2024-12296 was published Feb 12, 2025
The Click Mag - Viral WordPress News Magazine/Blog Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13656 was published Feb 12, 2025
The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-13800 was published Feb 12, 2025
The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13653 was published Feb 12, 2025
The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13654 was published Feb 12, 2025
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13643 was published Feb 11, 2025
Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows... High Unreviewed
CVE-2025-25167 was published Feb 7, 2025
Incorrect access control in Geovision GV-ASWeb version 6.1.0.0 or less allows unauthorized... High Unreviewed
CVE-2024-56898 was published Feb 3, 2025
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-12171 was published Feb 1, 2025
The Live2DWebCanvas plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-13767 was published Jan 31, 2025
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2024-23962 was published Jan 31, 2025
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2024-12821 was published Jan 30, 2025
The Royal Core plugin for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-12129 was published Jan 30, 2025
The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access... High Unreviewed
CVE-2024-12269 was published Jan 30, 2025
The MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation &... High Unreviewed
CVE-2024-10591 was published Jan 30, 2025
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges... High Unreviewed
CVE-2025-21396 was published Jan 30, 2025
In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is a possible way to bypass... High Unreviewed
CVE-2024-40677 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database