GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,686

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241,686 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as... Moderate Unreviewed

CVE-2025-0563 was published Jan 19, 2025

IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the... Moderate Unreviewed

CVE-2024-45652 was published Jan 19, 2025

IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to... Moderate Unreviewed

CVE-2024-45654 was published Jan 19, 2025

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP... Moderate Unreviewed

CVE-2024-45653 was published Jan 19, 2025

A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This... Moderate Unreviewed

CVE-2025-0562 was published Jan 19, 2025

A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as... Moderate Unreviewed

CVE-2025-0561 was published Jan 19, 2025

IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through... Moderate Unreviewed

CVE-2024-49354 was published Jan 18, 2025

IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6... High Unreviewed

CVE-2024-45662 was published Jan 18, 2025

IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM... Moderate Unreviewed

CVE-2024-49824 was published Jan 18, 2025

IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2024-47106 was published Jan 18, 2025

IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8... High Unreviewed

CVE-2024-47113 was published Jan 18, 2025

IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a... Moderate Unreviewed

CVE-2024-51448 was published Jan 18, 2025

A vulnerability, which was classified as problematic, was found in CampCodes School Management... Moderate Unreviewed

CVE-2025-0560 was published Jan 18, 2025

A vulnerability, which was classified as problematic, has been found in Campcodes School... Moderate Unreviewed

CVE-2025-0559 was published Jan 18, 2025

A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This... Moderate Unreviewed

CVE-2025-0558 was published Jan 18, 2025

IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations... Moderate Unreviewed

CVE-2024-49338 was published Jan 18, 2025

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based... High Unreviewed

CVE-2024-13184 was published Jan 18, 2025

A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and... Moderate Unreviewed

CVE-2025-0557 was published Jan 18, 2025

The Adifier System plugin for WordPress is vulnerable to privilege escalation via account... Critical Unreviewed

CVE-2024-13375 was published Jan 18, 2025

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet... Moderate Unreviewed

CVE-2024-13391 was published Jan 18, 2025

The JSM Screenshot Machine Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-13385 was published Jan 18, 2025

The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13393 was published Jan 18, 2025

The Utilities for MTG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-13433 was published Jan 18, 2025

The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-13317 was published Jan 18, 2025

The JetEngine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘list_tag... Moderate Unreviewed

CVE-2025-0369 was published Jan 18, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241,686 advisories