Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,618
Maven
5,000+
npm
4,255
NuGet
760
pip
4,043
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,739 advisories

Loading
The Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin for... Moderate Unreviewed
CVE-2025-12156 was published Nov 4, 2025
The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed
CVE-2025-11758 was published Nov 4, 2025
The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed
CVE-2025-12350 was published Nov 4, 2025
The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2025-12389 was published Nov 4, 2025
The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2025-12157 was published Nov 4, 2025
lakeFS affected by unauthenticated access to API usage metrics Moderate
CVE-2025-64179 was published for github.com/treeverse/lakefs (Go) Nov 3, 2025
arielshaqed nopcoder
Credited to arielshaqed and nopcoder
FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A... Moderate Unreviewed
CVE-2025-63293 was published Nov 3, 2025
Missing Authorization vulnerability in d3wp WP Snow Effect allows Accessing Functionality Not... Moderate Unreviewed
CVE-2025-64294 was published Nov 3, 2025
The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to,... Moderate Unreviewed
CVE-2025-12180 was published Nov 1, 2025
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages... Moderate Unreviewed
CVE-2025-11816 was published Nov 1, 2025
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet... Moderate Unreviewed
CVE-2025-64356 was published Oct 31, 2025
Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce wt-smart-coupons... Moderate Unreviewed
CVE-2025-64358 was published Oct 31, 2025
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-12041 was published Oct 31, 2025
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed
CVE-2025-12175 was published Oct 31, 2025
The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant... Moderate Unreviewed
CVE-2025-11975 was published Oct 31, 2025
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2025-11881 was published Oct 30, 2025
The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-10008 was published Oct 30, 2025
Jenkins Publish to Bitbucket Plugin is missing a permissions check Moderate
CVE-2025-64148 was published for org.jenkins-ci.plugins:publish-to-bitbucket (Maven) Oct 29, 2025
Jenkins Publish to Bitbucket Plugin is missing a permissions check Moderate
CVE-2025-64150 was published for org.jenkins-ci.plugins:publish-to-bitbucket (Maven) Oct 29, 2025
Jenkins Start Windocks Containers Plugin is missing a permission check Moderate
CVE-2025-64139 was published for org.jenkins-ci.plugins:windocks-start-container (Maven) Oct 29, 2025
Jenkins MCP Server Plugin does not perform permission checks in multiple MCP tools Moderate
CVE-2025-64132 was published for io.jenkins.plugins:mcp-server (Maven) Oct 29, 2025
Jenkins Nexus Task Runner Plugin is missing a permission check Moderate
CVE-2025-64142 was published for org.jenkins-ci.plugins:nexus-task-runner (Maven) Oct 29, 2025
Jenkins Themis Plugin is missing a permission check Moderate
CVE-2025-64137 was published for org.jenkins-ci.plugins:themis (Maven) Oct 29, 2025
The Call Now Button – The #1 Click to Call Button for WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-11587 was published Oct 29, 2025
The Call Now Button – The #1 Click to Call Button for WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-11632 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database