GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,739
Composer 5,031
Erlang 39
GitHub Actions 38
Go 2,675
Maven 6,116
npm 4,297
NuGet 760
pip 4,077
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 278,052

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an... Moderate Unreviewed

CVE-2025-12288 was published Oct 27, 2025

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... Moderate Unreviewed

CVE-2025-11815 was published Nov 21, 2025

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading... Moderate Unreviewed

CVE-2025-13085 was published Nov 19, 2025

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2025-12814 was published Nov 19, 2025

The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed

CVE-2025-12777 was published Nov 19, 2025

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2025-12494 was published Nov 15, 2025

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a... Moderate Unreviewed

CVE-2025-12435 was published Nov 10, 2025

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the... Moderate Unreviewed

CVE-2025-12854 was published Nov 7, 2025

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed

CVE-2025-7938 was published Jul 21, 2025

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12360 was published Nov 6, 2025

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app... Moderate Unreviewed

CVE-2023-40430 was published Jan 11, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2024-21159 was published Jul 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2024-21166 was published Jul 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2024-21179 was published Jul 17, 2024

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS... Moderate Unreviewed

CVE-2024-40807 was published Jul 30, 2024

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An... Moderate Unreviewed

CVE-2025-43231 was published Sep 16, 2025

A security flaw has been discovered in code-projects Client Details System 1.0. The impacted... Moderate Unreviewed

CVE-2025-12283 was published Oct 27, 2025

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed

CVE-2025-12367 was published Nov 1, 2025

The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all... Moderate Unreviewed

CVE-2025-11174 was published Nov 1, 2025

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration... Moderate Unreviewed

CVE-2014-2349 was published May 17, 2022

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of... Moderate Unreviewed

CVE-2025-10759 was published Sep 22, 2025

Kazaar 1.25.12 allows /api/v1/org-id/orders/order-id/documents calls with a modified order-id. Moderate Unreviewed

CVE-2025-59686 was published Oct 1, 2025

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed

CVE-2025-22175 was published Oct 22, 2025

The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2025-11879 was published Oct 25, 2025

The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-12005 was published Oct 25, 2025

Previous1…11 Next

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

259 advisories