GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106,800 advisories
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of...
High | Unreviewed | CVE-2025-13970 was published Dec 13, 2025

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject...
High | Unreviewed | CVE-2024-58305 was published Dec 12, 2025

Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the payment_success...
High | Unreviewed | CVE-2024-58316 was published Dec 12, 2025

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a...
High | Unreviewed | CVE-2025-14174 was published Dec 12, 2025

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows...
High | Unreviewed | CVE-2024-14010 was published Dec 12, 2025

Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection...
High | Unreviewed | CVE-2024-58314 was published Dec 12, 2025

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows...
High | Unreviewed | CVE-2024-58311 was published Dec 12, 2025

Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for...
High | Unreviewed | CVE-2025-14611 was published Dec 12, 2025

A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the...
High | Unreviewed | CVE-2025-14572 was published Dec 12, 2025

BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their...
High | Unreviewed | CVE-2025-13733 was published Dec 12, 2025

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4...
High | Unreviewed | CVE-2025-65530 was published Dec 12, 2025

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient...
High | Unreviewed | CVE-2025-58770 was published Dec 12, 2025

Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services...
High | Unreviewed | CVE-2025-13506 was published Dec 12, 2025

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in...
High | Unreviewed | CVE-2025-36745 was published Dec 12, 2025

SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors,...
High | Unreviewed | CVE-2025-36743 was published Dec 12, 2025

The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files,...
High | Unreviewed | CVE-2025-12835 was published Dec 12, 2025

Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract:...
High | Unreviewed | CVE-2025-23408 was published Dec 12, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue...
High | Unreviewed | CVE-2025-58137 was published Dec 12, 2025

The FunnelKit - Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-14169 was published Dec 12, 2025

The Fancy Product Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High | Unreviewed | CVE-2025-12570 was published Dec 12, 2025

The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by'...
High | Unreviewed | CVE-2025-14068 was published Dec 12, 2025

A vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected...
High | Unreviewed | CVE-2025-40829 was published Dec 12, 2025

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High | Unreviewed | CVE-2025-14044 was published Dec 12, 2025

The Infility Global plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-12968 was published Dec 12, 2025

The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized database resets and...
High | Unreviewed | CVE-2025-13334 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API