GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,428
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,083 advisories
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-12731 was published Jan 9, 2025

The Asgard Security Scanner WordPress plugin through 0.7 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-12715 was published Jan 9, 2025

The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-12736 was published Jan 9, 2025

In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Create all...
Moderate | Unreviewed | CVE-2024-56588 was published Dec 27, 2024

Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking...
Moderate | Unreviewed | CVE-2024-49602 was published Dec 9, 2024

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in...
Moderate | Unreviewed | CVE-2024-56761 was published Jan 6, 2025

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix...
Moderate | Unreviewed | CVE-2024-53149 was published Dec 24, 2024

In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when...
Moderate | Unreviewed | CVE-2024-56694 was published Dec 28, 2024

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations,...
Moderate | Unreviewed | CVE-2024-2201 was published Dec 19, 2024

The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-12714 was published Jan 9, 2025

The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI']...
Moderate | Unreviewed | CVE-2024-10815 was published Jan 9, 2025

In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid...
Moderate | Unreviewed | CVE-2024-56767 was published Jan 6, 2025

The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-4452 was published May 21, 2024

In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which...
Moderate | Unreviewed | CVE-2024-9202 was published Sep 27, 2024

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio...
Moderate | Unreviewed | CVE-2024-47726 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown...
Moderate | Unreviewed | CVE-2024-49998 was published Oct 21, 2024

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2492 was published Apr 9, 2024

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2187 was published Apr 9, 2024

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)...
Moderate | Unreviewed | CVE-2024-25953 was published Mar 28, 2024

In the Linux kernel, the following vulnerability has been resolved: mtd: require write...
Moderate | Unreviewed | CVE-2021-47055 was published Mar 1, 2024

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2181 was published Apr 9, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22813 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22821 was published Jan 9, 2025

An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of...
Moderate | Unreviewed | CVE-2025-21596 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22827 was published Jan 9, 2025

ProTip! Advisories are also available from the GraphQL API.