GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,901

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

105,893 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The OneClick Chat to Order plugin for WordPress is vulnerable to Insecure Direct Object Reference... High Unreviewed

CVE-2025-13526 was published Nov 22, 2025

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Missing Authorization in... High Unreviewed

CVE-2025-13384 was published Nov 22, 2025

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File... High Unreviewed

CVE-2025-11087 was published Nov 21, 2025

Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to... High Unreviewed

CVE-2025-62626 was published Nov 21, 2025

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen... High Unreviewed

CVE-2025-13132 was published Nov 21, 2025

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public... High Unreviewed

CVE-2025-13470 was published Nov 21, 2025

The S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin for WordPress... High Unreviewed

CVE-2025-12973 was published Nov 21, 2025

Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email... High Unreviewed

CVE-2025-66055 was published Nov 21, 2025

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed

CVE-2025-12160 was published Nov 21, 2025

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search'... High Unreviewed

CVE-2025-13138 was published Nov 21, 2025

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2025-13156 was published Nov 21, 2025

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross... High Unreviewed

CVE-2025-13159 was published Nov 21, 2025

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-13322 was published Nov 21, 2025

The URL Image Importer plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-12138 was published Nov 21, 2025

The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed

CVE-2025-11985 was published Nov 21, 2025

The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code'... High Unreviewed

CVE-2025-12135 was published Nov 21, 2025

Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows... High Unreviewed

CVE-2025-64695 was published Nov 21, 2025

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service High Unreviewed

CVE-2025-13499 was published Nov 21, 2025

IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11... High Unreviewed

CVE-2025-36072 was published Nov 21, 2025

Azure Monitor Elevation of Privilege Vulnerability High Unreviewed

CVE-2025-62207 was published Nov 21, 2025

Microsoft Defender Portal Spoofing Vulnerability High Unreviewed

CVE-2025-62459 was published Nov 21, 2025

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized... High Unreviewed

CVE-2025-64655 was published Nov 21, 2025

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/... High Unreviewed

CVE-2025-61138 was published Nov 21, 2025

The affected product allows unauthenticated access to Real Time Streaming Protocol (RTSP)... High Unreviewed

CVE-2025-62674 was published Nov 20, 2025

Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed

CVE-2025-48986 was published Nov 20, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

105,893 advisories