Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

145,439 advisories

Loading
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-46959 was published Jul 16, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-47053 was published Jul 16, 2025
Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged... Moderate Unreviewed
CVE-2025-32353 was published Jul 16, 2025
A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This Issue (Data Center) before... Moderate Unreviewed
CVE-2024-42912 was published Jul 16, 2025
Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce... Moderate Unreviewed
CVE-2025-40919 was published Jul 16, 2025
Broken access control in Fortra's GoAnywhere MFT prior to 7.8.1 allows an attacker to create a... Moderate Unreviewed
CVE-2025-3871 was published Jul 16, 2025
Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an... Moderate Unreviewed
CVE-2025-40913 was published Jul 16, 2025
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce... Moderate Unreviewed
CVE-2025-40918 was published Jul 16, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS... Moderate Unreviewed
CVE-2025-53755 was published Jul 16, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials... Moderate Unreviewed
CVE-2025-53754 was published Jul 16, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials... Moderate Unreviewed
CVE-2025-53758 was published Jul 16, 2025
Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting... Moderate Unreviewed
CVE-2025-49319 was published Jul 16, 2025
Missing Authorization vulnerability in activity-log.com Profiler - What Slowing Down Your WP... Moderate Unreviewed
CVE-2025-48339 was published Jul 16, 2025
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting... Moderate Unreviewed
CVE-2025-50028 was published Jul 16, 2025
Missing Authorization vulnerability in alexvtn Internal Linking of Related Contents allows... Moderate Unreviewed
CVE-2025-49884 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows... Moderate Unreviewed
CVE-2025-54041 was published Jul 16, 2025
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting... Moderate Unreviewed
CVE-2025-54037 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site... Moderate Unreviewed
CVE-2025-54042 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54050 was published Jul 16, 2025
Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-54047 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54051 was published Jul 16, 2025
Missing Authorization vulnerability in WPFactory Product XML Feed Manager for WooCommerce allows... Moderate Unreviewed
CVE-2025-30959 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54006 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54013 was published Jul 16, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed
CVE-2025-54015 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database