Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

113,464 advisories

Loading
A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function... High Unreviewed
CVE-2025-12595 was published Nov 2, 2025
A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function... High Unreviewed
CVE-2025-12596 was published Nov 2, 2025
A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of... High Unreviewed
CVE-2025-12198 was published Oct 27, 2025
IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM... High Unreviewed
CVE-2025-36367 was published Nov 1, 2025
The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2025-12171 was published Nov 1, 2025
The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and... High Unreviewed
CVE-2025-6990 was published Nov 1, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed
CVE-2025-6574 was published Nov 1, 2025
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for... High Unreviewed
CVE-2025-11755 was published Nov 1, 2025
The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Remote Code... High Unreviewed
CVE-2025-10487 was published Nov 1, 2025
The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via event... High Unreviewed
CVE-2025-11995 was published Nov 1, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed
CVE-2025-5949 was published Nov 1, 2025
The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to... High Unreviewed
CVE-2025-11920 was published Nov 1, 2025
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0... High Unreviewed
CVE-2014-5399 was published May 17, 2022
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services,... High Unreviewed
CVE-2014-2350 was published May 17, 2022
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak... High Unreviewed
CVE-2014-2380 was published May 17, 2022
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63465 was published Oct 31, 2025
Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in... High Unreviewed
CVE-2025-57106 was published Oct 31, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-64366 was published Oct 31, 2025
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability... High Unreviewed
CVE-2025-57107 was published Oct 31, 2025
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth... High Unreviewed
CVE-2025-22079 was published Apr 16, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error... High Unreviewed
CVE-2025-22087 was published Apr 16, 2025
Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors... High Unreviewed
CVE-2025-41109 was published Oct 22, 2025
In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table... High Unreviewed
CVE-2025-37786 was published May 1, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use... High Unreviewed
CVE-2025-37796 was published May 1, 2025
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a... High Unreviewed
CVE-2025-63561 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database