GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
963 advisories
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app...
Moderate · Unreviewed · CVE-2025-15394 was published Dec 31, 2025

A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the...
Moderate · Unreviewed · CVE-2025-15393 was published Dec 31, 2025

A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the...
Moderate · Unreviewed · CVE-2025-15148 was published Dec 28, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in The4 Molla molla...
Moderate · Unreviewed · CVE-2025-60070 was published Dec 18, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in javothemes Javo Core...
Moderate · Unreviewed · CVE-2025-60068 was published Dec 18, 2025

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted...
Moderate · Unreviewed · CVE-2025-14730 was published Dec 16, 2025

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected...
Moderate · Unreviewed · CVE-2025-14729 was published Dec 16, 2025

An SSTI (Server-Side Template Injection) vulnerability exists in the get_contract_template method...
Moderate · Unreviewed · CVE-2025-66435 was published Dec 15, 2025

An SSTI (Server-Side Template Injection) vulnerability exists in the get_terms_and_conditions...
Moderate · Unreviewed · CVE-2025-66436 was published Dec 15, 2025

The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate · Unreviewed · CVE-2025-14539 was published Dec 13, 2025

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects...
Moderate · Unreviewed · CVE-2025-12843 was published Dec 12, 2025

The WPMasterToolKit plugin for WordPress is vulnerable to PHP Code Injection in all versions up...
Moderate · Unreviewed · CVE-2025-14166 was published Dec 12, 2025

In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the...
Moderate · Unreviewed · CVE-2025-36938 was published Dec 11, 2025

The ESP32 system on a chip (SoC) that powers the Meatmeet basestation device was found to lack...
Moderate · Unreviewed · CVE-2025-65829 was published Dec 10, 2025

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &...
Moderate · Unreviewed · CVE-2025-13642 was published Dec 9, 2025

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665....
Moderate · Unreviewed · CVE-2025-13786 was published Nov 30, 2025

In Apache CloudStack improper control of generation of code ('Code Injection') vulnerability is...
Moderate · Unreviewed · CVE-2025-59302 was published Nov 27, 2025

The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks...
Moderate · Unreviewed · CVE-2025-63693 was published Nov 18, 2025

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation...
Moderate · Unreviewed · CVE-2025-37157 was published Nov 18, 2025

The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is...
Moderate · Unreviewed · CVE-2025-7711 was published Nov 18, 2025

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of...
Moderate · Unreviewed · CVE-2024-48829 was published Nov 12, 2025

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a...
Moderate · Unreviewed · CVE-2025-42895 was published Nov 11, 2025

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary...
Moderate · Unreviewed · CVE-2025-8483 was published Oct 25, 2025

A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept...
Moderate · Unreviewed · CVE-2025-8848 was published Oct 22, 2025

A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the...
Moderate · Unreviewed · CVE-2025-11905 was published Oct 17, 2025