Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

525 advisories

Loading
The Primakon Pi Portal 1.0.18 API /api/V2/pp_udfv_admin endpoint, fails to perform necessary... High Unreviewed
CVE-2025-64065 was published Nov 25, 2025
The Primakon Pi Portal 1.0.18 /api/V2/pp_users?email endpoint is used for user data filtering but... High Unreviewed
CVE-2025-64062 was published Nov 25, 2025
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when... Moderate Unreviewed
CVE-2025-64063 was published Nov 25, 2025
A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an... Moderate Unreviewed
CVE-2025-12288 was published Oct 27, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... Moderate Unreviewed
CVE-2025-11815 was published Nov 21, 2025
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized... High Unreviewed
CVE-2025-64655 was published Nov 21, 2025
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading... Moderate Unreviewed
CVE-2025-13085 was published Nov 19, 2025
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2025-12814 was published Nov 19, 2025
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed
CVE-2025-12777 was published Nov 19, 2025
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2025-12494 was published Nov 15, 2025
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-11521 was published Nov 11, 2025
Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a... Moderate Unreviewed
CVE-2025-12435 was published Nov 10, 2025
In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System... Critical Unreviewed
CVE-2025-63691 was published Nov 7, 2025
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the... Moderate Unreviewed
CVE-2025-12854 was published Nov 7, 2025
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... High Unreviewed
CVE-2025-4519 was published Nov 7, 2025
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12360 was published Nov 6, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app... Moderate Unreviewed
CVE-2023-40430 was published Jan 11, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... High Unreviewed
CVE-2024-40814 was published Jul 30, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2024-21159 was published Jul 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2024-21166 was published Jul 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2024-21179 was published Jul 17, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight... High Unreviewed
CVE-2023-47166 was published May 1, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS... Moderate Unreviewed
CVE-2024-40807 was published Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed... High Unreviewed
CVE-2024-40783 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database