GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
275,665 advisories
[This CNA information record relates to multiple CVEs; the text explains which aspects...
High | Unreviewed | CVE-2025-58148 was published Oct 31, 2025

When passing through PCI devices, the detach logic in libxl won't remove access permissions to...
High | Unreviewed | CVE-2025-58149 was published Oct 31, 2025

Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows...
Low | Unreviewed | CVE-2025-64350 was published Oct 31, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Rank Math SEO Rank Math SEO...
Moderate | Unreviewed | CVE-2025-64351 was published Oct 31, 2025

The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate | Unreviewed | CVE-2025-12041 was published Oct 31, 2025

Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On...
High | Unreviewed | CVE-2025-11843 was published Oct 31, 2025

The WPC Name Your Price for WooCommerce plugin for WordPress is vulnerable to unauthorized price...
High | Unreviewed | CVE-2025-12115 was published Oct 31, 2025

Malicious or unintentional API requests can be used to add significant amount of data to caches....
High | Unreviewed | CVE-2025-30188 was published Oct 31, 2025

Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to...
Moderate | Unreviewed | CVE-2025-30191 was published Oct 31, 2025

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key...
High | Unreviewed | CVE-2025-30189 was published Oct 31, 2025

The OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) plugin for...
Moderate | Unreviewed | CVE-2025-12094 was published Oct 31, 2025

The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a...
Moderate | Unreviewed | CVE-2025-12175 was published Oct 31, 2025

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords...
High | Unreviewed | CVE-2025-62232 was published Oct 31, 2025

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less...
Moderate | Unreviewed | CVE-2025-8383 was published Oct 31, 2025

The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate | Unreviewed | CVE-2025-8385 was published Oct 31, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-6520 was published Oct 31, 2025

The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all...
High | Unreviewed | CVE-2025-10897 was published Oct 31, 2025

The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up...
Critical | Unreviewed | CVE-2025-5397 was published Oct 31, 2025

The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor...
Critical | Unreviewed | CVE-2025-8489 was published Oct 31, 2025

The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
High | Unreviewed | CVE-2025-7846 was published Oct 31, 2025

The RealPress WordPress plugin before 1.1.0 registers the REST routes without proper permission...
Moderate | Unreviewed | CVE-2025-11191 was published Oct 31, 2025

FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and...
Moderate | Unreviewed | CVE-2025-58152 was published Oct 31, 2025

FutureNet MA and IP-K series provided by Century Systems Co., Ltd. contain an OS command...
High | Unreviewed | CVE-2025-54763 was published Oct 31, 2025

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to...
Low | Unreviewed | CVE-2025-23050 was published Oct 31, 2025

The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-11806 was published Oct 31, 2025