GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,789

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

134,521 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program'... Moderate Unreviewed

CVE-2023-53886 was published Dec 15, 2025

Perch CMS 3.2 contains a stored cross-site scripting vulnerability that allows authenticated... Moderate Unreviewed

CVE-2023-53890 was published Dec 15, 2025

A vulnerability was determined in vion707 DMadmin up to 3403cafdb42537a648c30bf8cbc8148ec60437d1.... Moderate Unreviewed

CVE-2025-14722 was published Dec 15, 2025

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows... Moderate Unreviewed

CVE-2023-53878 was published Dec 15, 2025

Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated... Moderate Unreviewed

CVE-2023-53891 was published Dec 15, 2025

Inventory Management System 1 was discovered to contain a SQL injection vulnerability. Moderate Unreviewed

CVE-2023-36338 was published Dec 15, 2025

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 Deploy transmits data in clear text that could... Moderate Unreviewed

CVE-2025-13489 was published Dec 15, 2025

Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML... Moderate Unreviewed

CVE-2023-53871 was published Dec 15, 2025

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM... Moderate Unreviewed

CVE-2025-14148 was published Dec 15, 2025

The Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android 6.0... Moderate Unreviewed

CVE-2025-65835 was published Dec 15, 2025

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2... Moderate Unreviewed

CVE-2025-36360 was published Dec 15, 2025

Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter... Moderate Unreviewed

CVE-2023-53870 was published Dec 15, 2025

SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute... Moderate Unreviewed

CVE-2023-38913 was published Dec 15, 2025

An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A hardcoded Flickr API key... Moderate Unreviewed

CVE-2025-67809 was published Dec 15, 2025

TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function... Moderate Unreviewed

CVE-2025-55901 was published Dec 15, 2025

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-14387 was published Dec 15, 2025

TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via... Moderate Unreviewed

CVE-2025-55893 was published Dec 15, 2025

The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism... Moderate Unreviewed

CVE-2025-34412 was published Dec 15, 2025

The Convercent Whistleblowing Platform operated by EQS Group exposes an unauthenticated API... Moderate Unreviewed

CVE-2025-34411 was published Dec 15, 2025

The FluentAuth – The Ultimate Authorization & Security Plugin for WordPress plugin for WordPress... Moderate Unreviewed

CVE-2025-13728 was published Dec 15, 2025

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-14003 was published Dec 15, 2025

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... Moderate Unreviewed

CVE-2025-13610 was published Dec 15, 2025

The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-13950 was published Dec 15, 2025

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User... Moderate Unreviewed

CVE-2025-13367 was published Dec 15, 2025

The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13608 was published Dec 15, 2025

Previous 12…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

134,521 advisories