Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2025-3607 was published Apr 24, 2025
The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account... High Unreviewed
CVE-2024-13373 was published Mar 1, 2025
The password change function at /cgi/admin.cgi does not require the current/old password, which... High Unreviewed
CVE-2024-28143 was published Dec 12, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote... High Unreviewed
CVE-2024-27715 was published Jul 5, 2024
Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process High
CVE-2024-34077 was published for mantisbt/mantisbt (Composer) May 13, 2024
dregad redna-xela
Expired tokens can be renewed without validating the account password High
GHSA-9wgg-m99q-hhfc was published for emailproxy (pip) Dec 19, 2023
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable... High Unreviewed
CVE-2023-2297 was published Jul 6, 2023
Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. High Unreviewed
CVE-2023-3069 was published Jun 2, 2023
Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20. High Unreviewed
CVE-2022-3152 was published Sep 8, 2022
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web... High Unreviewed
CVE-2017-14005 was published May 13, 2022
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM)... High Unreviewed
CVE-2018-8916 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database