Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

125,465 advisories

Loading
A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the... High Unreviewed
CVE-2025-14655 was published Dec 14, 2025
A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function... High Unreviewed
CVE-2025-14654 was published Dec 14, 2025
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an... High Unreviewed
CVE-2025-14659 was published Dec 14, 2025
A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the... High Unreviewed
CVE-2025-14656 was published Dec 14, 2025
The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args`... High Unreviewed
CVE-2025-13126 was published Dec 14, 2025
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration... High Unreviewed
CVE-2025-36748 was published Dec 13, 2025
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default,... High Unreviewed
CVE-2025-36753 was published Dec 13, 2025
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A... High Unreviewed
CVE-2025-36750 was published Dec 13, 2025
The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP... High Unreviewed
CVE-2025-14476 was published Dec 13, 2025
The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to... High Unreviewed
CVE-2025-14397 was published Dec 13, 2025
The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local... High Unreviewed
CVE-2025-14475 was published Dec 13, 2025
Universal Tool Calling Protocol (UTCP) client library for Python vulnerable to Trust Boundary Violation through Manual JSON specification High
CVE-2025-14542 was published for utcp (pip) Dec 13, 2025
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hide_fields'... High Unreviewed
CVE-2025-13089 was published Dec 13, 2025
The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-13094 was published Dec 13, 2025
The افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce plugin for WordPress is... High Unreviewed
CVE-2025-13077 was published Dec 13, 2025
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of... High Unreviewed
CVE-2025-13970 was published Dec 13, 2025
aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer High
CVE-2025-67721 was published for io.airlift:aircompressor (Maven) Dec 12, 2025
kyakdan Credited to kyakdan, philippe-granet, and lhotari philippe-granet philippe-granet
lhotari lhotari
A logic error was addressed with improved error handling. This issue is fixed in macOS Tahoe 26.1... High Unreviewed
CVE-2025-43506 was published Dec 12, 2025
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in... High Unreviewed
CVE-2025-43510 was published Dec 12, 2025
This issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15... High Unreviewed
CVE-2025-43542 was published Dec 12, 2025
A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26... High Unreviewed
CVE-2025-43494 was published Dec 12, 2025
An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in macOS... High Unreviewed
CVE-2025-46285 was published Dec 12, 2025
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.8.3,... High Unreviewed
CVE-2025-43539 was published Dec 12, 2025
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app... High Unreviewed
CVE-2025-43467 was published Dec 12, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3,... High Unreviewed
CVE-2025-43512 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database