GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
125,465 advisories
Apache StreamPark uses a Weak Encryption Algorithm
High | CVE-2025-54981 was published for org.apache.streampark:streampark (Maven) | Dec 12, 2025

Apache StreamPark has a hard-coded encryption key
High | CVE-2025-54947 was published for org.apache.streampark:streampark (Maven) | Dec 12, 2025

SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors,...
High | Unreviewed | CVE-2025-36743 was published | Dec 12, 2025

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in...
High | Unreviewed | CVE-2025-36745 was published | Dec 12, 2025

Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services...
High | Unreviewed | CVE-2025-13506 was published | Dec 12, 2025

Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract:...
High | Unreviewed | CVE-2025-23408 was published | Dec 12, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue...
High | Unreviewed | CVE-2025-58137 was published | Dec 12, 2025

The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files,...
High | Unreviewed | CVE-2025-12835 was published | Dec 12, 2025

Apache HugeGraph-Server: RAFT and deserialization vulnerability
High | CVE-2025-26866 was published for org.apache.hugegraph:hg-pd-core (Maven) | Dec 12, 2025

The Fancy Product Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High | Unreviewed | CVE-2025-12570 was published | Dec 12, 2025

The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by'...
High | Unreviewed | CVE-2025-14068 was published | Dec 12, 2025

A vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected...
High | Unreviewed | CVE-2025-40829 was published | Dec 12, 2025

The FunnelKit - Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-14169 was published | Dec 12, 2025

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High | Unreviewed | CVE-2025-14044 was published | Dec 12, 2025

The Infility Global plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-12968 was published | Dec 12, 2025

The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized database resets and...
High | Unreviewed | CVE-2025-13334 was published | Dec 12, 2025

The Player Leaderboard plugin for WordPress is vulnerable to Local File Inclusion in all versions...
High | Unreviewed | CVE-2025-12824 was published | Dec 12, 2025

The LT Unleashed plugin for WordPress is vulnerable to Local File Inclusion in all versions up to...
High | Unreviewed | CVE-2025-13886 was published | Dec 12, 2025

When a user configures the NAS to retrieve UPS status or control the UPS, a non-enforced TLS...
High | Unreviewed | CVE-2025-13053 was published | Dec 12, 2025

When the user set the Notification's sender to send emails to the SMTP server via msmtp, an...
High | Unreviewed | CVE-2025-13052 was published | Dec 12, 2025

Unchecked output buffer may allow arbitrary code execution in SMM and potentially result in SMM...
High | Unreviewed | CVE-2025-10451 was published | Dec 12, 2025

xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers...
High | Unreviewed | CVE-2024-58313 was published | Dec 12, 2025

xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to...
High | Unreviewed | CVE-2024-58312 was published | Dec 12, 2025

xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote...
High | Unreviewed | CVE-2024-58309 was published | Dec 12, 2025

minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash...
High | Unreviewed | CVE-2024-58306 was published | Dec 12, 2025

ProTip! Advisories are also available from the GraphQL API