GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,742
Composer 5,031
Erlang 39
GitHub Actions 38
Go 2,676
Maven 6,117
npm 4,298
NuGet 760
pip 4,077
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 278,085

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,118 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed

CVE-2025-12525 was published Nov 25, 2025

The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP... Moderate Unreviewed

CVE-2025-12039 was published Nov 21, 2025

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed

CVE-2025-11368 was published Nov 21, 2025

Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and... Moderate Unreviewed

CVE-2025-52669 was published Nov 20, 2025

GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and... Moderate Unreviewed

CVE-2025-63212 was published Nov 19, 2025

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC... Moderate Unreviewed

CVE-2025-54971 was published Nov 18, 2025

The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12426 was published Nov 19, 2025

The New User Approve plugin for WordPress is vulnerable to unauthorized data disclosure in all... Moderate Unreviewed

CVE-2025-12770 was published Nov 19, 2025

A broken access control (BAC) vulnerability in the web-based management interface could allow an... Moderate Unreviewed

CVE-2025-37160 was published Nov 18, 2025

The Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more... Moderate Unreviewed

CVE-2025-12545 was published Nov 18, 2025

Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG... Moderate Unreviewed

CVE-2016-7420 was published May 17, 2022

In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly... Moderate Unreviewed

CVE-2025-12149 was published Nov 14, 2025

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed

CVE-2025-12785 was published Nov 13, 2025

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed

CVE-2025-12784 was published Nov 13, 2025

The Comment Edit Core – Simple Comment Editing plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2025-12681 was published Nov 13, 2025

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12732 was published Nov 12, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an... Moderate Unreviewed

CVE-2025-59240 was published Nov 11, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises... Moderate Unreviewed

CVE-2025-62206 was published Nov 11, 2025

The Document Pro Elementor – Documentation & Knowledge Base plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11997 was published Nov 11, 2025

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12010 was published Nov 11, 2025

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... Moderate Unreviewed

CVE-2025-12098 was published Nov 8, 2025

Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean... Moderate Unreviewed

CVE-2025-55342 was published Nov 5, 2025

In Nagios Log Server versions prior to 2024R2.0.3, when a user's configured default dashboard is... Moderate Unreviewed

CVE-2025-34272 was published Oct 31, 2025

ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests... Moderate Unreviewed

CVE-2025-59716 was published Nov 5, 2025

The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An... Moderate Unreviewed

CVE-2025-43495 was published Nov 4, 2025

Previous1…245 Next

Previous 1 2 3 4 5 … 244 245 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,118 advisories