GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,596
Composer 4,840
Erlang 36
GitHub Actions 33
Go 2,464
Maven 5,878
npm 4,082
NuGet 723
pip 3,880
Pub 12
RubyGems 943
Rust 1,011
Swift 39

Unreviewed advisories

All unreviewed 266,910

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

97 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1... Moderate Unreviewed

CVE-2025-43768 was published Aug 23, 2025

A low privileged remote attacker can get access to CSRF tokens of higher privileged users which... Moderate Unreviewed

CVE-2024-7698 was published Sep 10, 2024

The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to... High Unreviewed

CVE-2025-41415 was published Aug 21, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg... High Unreviewed

CVE-2025-55715 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine allows... Moderate Unreviewed

CVE-2025-53196 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetMenu allows... Moderate Unreviewed

CVE-2025-53987 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTabs allows... Moderate Unreviewed

CVE-2025-53985 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup allows... Moderate Unreviewed

CVE-2025-53993 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For... Moderate Unreviewed

CVE-2025-53983 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetBlocks For... Moderate Unreviewed

CVE-2025-53988 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows... Moderate Unreviewed

CVE-2025-49408 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTricks allows... Moderate Unreviewed

CVE-2025-53992 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters... Moderate Unreviewed

CVE-2025-54008 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder... Moderate Unreviewed

CVE-2025-53998 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows... Moderate Unreviewed

CVE-2025-55710 was published Aug 14, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash... Moderate Unreviewed

CVE-2025-54685 was published Aug 14, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows... High Unreviewed

CVE-2025-47444 was published Aug 12, 2025

YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include... High Unreviewed

CVE-2025-8862 was published Aug 11, 2025

In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users... Moderate Unreviewed

CVE-2025-7204 was published Jul 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Authorize... Moderate Unreviewed

CVE-2025-53322 was published Jun 27, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe... Moderate Unreviewed

CVE-2025-53309 was published Jun 27, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX... High Unreviewed

CVE-2025-48261 was published Jun 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic... Moderate Unreviewed

CVE-2025-49294 was published Jun 6, 2025

The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed

CVE-2025-5733 was published Jun 6, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders &... High Unreviewed

CVE-2025-48331 was published May 30, 2025

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

97 advisories