GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,893 advisories
App lock verification bypass vulnerability in the file management app. Impact: Successful...
Moderate
Unreviewed
CVE-2025-66330
was published
Dec 8, 2025
Permission control vulnerability in the media library module. Impact: Successful exploitation of...
Moderate
Unreviewed
CVE-2025-58279
was published
Dec 8, 2025
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is...
Moderate
Unreviewed
CVE-2025-14197
was published
Dec 7, 2025
A vulnerability was detected in Verysync 微力同步 2.21.3. This affects an unknown function of the...
Moderate
Unreviewed
CVE-2025-14198
was published
Dec 7, 2025
The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2025-13006
was published
Dec 5, 2025
The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2025-13494
was published
Dec 5, 2025
The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be...
High
Unreviewed
CVE-2025-10285
was published
Dec 5, 2025
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are...
Critical
Unreviewed
CVE-2025-54304
was published
Dec 4, 2025
The WebP Express plugin for WordPress is vulnerable to information exposure via config files in...
Moderate
Unreviewed
CVE-2025-11379
was published
Dec 4, 2025
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58,...
Moderate
Unreviewed
CVE-2025-20383
was published
Dec 3, 2025
The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2025-12585
was published
Dec 3, 2025
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an...
Moderate
Unreviewed
CVE-2025-41015
was published
Dec 2, 2025
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an...
Moderate
Unreviewed
CVE-2025-41014
was published
Dec 2, 2025
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated...
Moderate
Unreviewed
CVE-2025-41066
was published
Dec 2, 2025
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up...
Moderate
Unreviewed
CVE-2025-13696
was published
Dec 2, 2025
In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there...
Moderate
Unreviewed
CVE-2025-13653
was published
Dec 1, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU...
Moderate
Unreviewed
CVE-2025-2879
was published
Dec 1, 2025
A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5...
Moderate
Unreviewed
CVE-2025-13785
was published
Nov 30, 2025
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on...
Moderate
Unreviewed
CVE-2025-13683
was published
Nov 28, 2025
Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2025-58305
was published
Nov 28, 2025
Permission control vulnerability in the file management module. Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2025-64312
was published
Nov 28, 2025
Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2025-64311
was published
Nov 28, 2025
Exposure of email service credentials to users without administrative rights in Devolutions...
Moderate
Unreviewed
CVE-2025-13765
was published
Nov 27, 2025
Exposure of credentials in unintended requests in Devolutions Server. This issue affects Server:...
Low
Unreviewed
CVE-2025-13758
was published
Nov 27, 2025
In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL -...
Moderate
Unreviewed
CVE-2025-59454
was published
Nov 27, 2025
ProTip! Advisories are also available from the GraphQL API.