GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,737
Maven: 5,000+
npm: 4,337
NuGet: 764
pip: 4,112
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
144,832 advisories
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Moderate, Unreviewed. CVE-2025-63009 was published Dec 9, 2025

Server-Side Request Forgery (SSRF) vulnerability in ThemesInflow Hercules Core hercules-core...
Moderate, Unreviewed. CVE-2025-63010 was published Dec 9, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Moderate, Unreviewed. CVE-2025-63013 was published Dec 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2025-63011 was published Dec 9, 2025

A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap...
Moderate, Unreviewed. CVE-2025-14087 was published Dec 10, 2025

A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user. This...
Moderate, Unreviewed. CVE-2025-66004 was published Dec 10, 2025

An unauthenticated device registration vulnerability, caused by Improperly Controlled...
Moderate, Unreviewed. CVE-2025-9315 was published Dec 10, 2025

The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions...
Moderate, Unreviewed. CVE-2025-13677 was published Dec 10, 2025

Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit...
Moderate, Unreviewed. CVE-2025-67594 was published Dec 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Business Directory business...
Moderate, Unreviewed. CVE-2025-67596 was published Dec 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins SupportCandy supportcandy allows...
Moderate, Unreviewed. CVE-2025-67598 was published Dec 9, 2025

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability...
Moderate, Unreviewed. CVE-2025-34401 was published Dec 9, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate, Unreviewed. CVE-2025-63068 was published Dec 9, 2025

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's...
Moderate, Unreviewed. CVE-2025-49178 was published Jun 17, 2025

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing...
Moderate, Unreviewed. CVE-2022-50361 was published Sep 17, 2025

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability...
Moderate, Unreviewed. CVE-2025-34402 was published Dec 9, 2025

Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows...
Moderate, Unreviewed. CVE-2025-63069 was published Dec 9, 2025

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr...
Moderate, Unreviewed. CVE-2022-50359 was published Sep 17, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking wp-hotel-booking...
Moderate, Unreviewed. CVE-2025-63012 was published Dec 9, 2025

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3...
Moderate, Unreviewed. CVE-2025-12916 was published Nov 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site...
Moderate, Unreviewed. CVE-2025-67593 was published Dec 9, 2025

Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation...
Moderate, Unreviewed. CVE-2025-67599 was published Dec 9, 2025

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not...
Moderate, Unreviewed. CVE-2025-49180 was published Jun 17, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross...
Moderate, Unreviewed. CVE-2025-67595 was published Dec 9, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Moderate, Unreviewed. CVE-2025-63070 was published Dec 9, 2025

ProTip! Advisories are also available from the GraphQL API