GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,743; Erlang 35; GitHub Actions 29; Go 2,315; Maven 5,000+; npm 3,949; NuGet 711; pip 3,729; Pub 12; RubyGems 920; Rust 965; Swift 38
Unreviewed advisories: All unreviewed 5,000+
131,193 advisories

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4...
Moderate | Unreviewed | CVE-2025-3576 was published Apr 15, 2025

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object...
Moderate | Unreviewed | CVE-2025-2939 was published Jun 3, 2025

The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a...
Moderate | Unreviewed | CVE-2025-4047 was published Jun 3, 2025

Perl threads have a working directory race condition where file operations may target unintended...
Moderate | Unreviewed | CVE-2025-40909 was published May 30, 2025

Para Server Logs Sensitive Information
Moderate | CVE-2025-48955 was published for com.erudika:para-server (Maven) May 30, 2025

The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2025-3919 was published Jun 3, 2025

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting an arbitrary image via a...
Moderate | Unreviewed | CVE-2025-49163 was published Jun 3, 2025

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a...
Moderate | Unreviewed | CVE-2025-49162 was published Jun 3, 2025

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of...
Moderate | Unreviewed | CVE-2025-49164 was published Jun 3, 2025

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free...
Moderate | Unreviewed | CVE-2025-23104 was published Jun 2, 2025

A Local File Inclusion (LFI) vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender...
Moderate | Unreviewed | CVE-2024-40112 was published Jun 2, 2025

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the...
Moderate | Unreviewed | CVE-2025-44115 was published Jun 2, 2025

Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default...
Moderate | Unreviewed | CVE-2024-40113 was published Jun 2, 2025

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1...
Moderate | Unreviewed | CVE-2024-40114 was published Jun 2, 2025

osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in ...
Moderate | Unreviewed | CVE-2025-45387 was published Jun 2, 2025

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3...
Moderate | Unreviewed | CVE-2024-23782 was published Jan 29, 2024

The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2023-7200 was published Jan 29, 2024

Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the...
Moderate | Unreviewed | CVE-2025-44172 was published Jun 2, 2025

Missing Authorization vulnerability in Mage people team Booking and Rental Manager allows...
Moderate | Unreviewed | CVE-2025-47585 was published Jun 2, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting Contact Forms by Cimatti...
Moderate | Unreviewed | CVE-2025-49069 was published Jun 2, 2025

In wlan STA driver, there is a possible system crash due to an uncaught exception. This could...
Moderate | Unreviewed | CVE-2025-20675 was published Jun 2, 2025

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a...
Moderate | Unreviewed | CVE-2025-23247 was published May 27, 2025

Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus...
Moderate | Unreviewed | CVE-2024-48704 was published May 23, 2025

The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the...
Moderate | Unreviewed | CVE-2021-4227 was published Jan 16, 2024

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product...
Moderate | Unreviewed | CVE-2022-3194 was published Jan 16, 2024

ProTip! Advisories are also available from the GraphQL API.