Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,109 advisories

Loading
Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call... Moderate Unreviewed
CVE-2026-20821 was published Jan 13, 2026
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an... Moderate Unreviewed
CVE-2026-20805 was published Jan 13, 2026
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... Moderate Unreviewed
CVE-2026-20823 was published Jan 13, 2026
Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface ... Moderate Unreviewed
CVE-2026-20827 was published Jan 13, 2026
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet... Critical Unreviewed
CVE-2025-47855 was published Jan 13, 2026
Information disclosure in the Networking component. This vulnerability affects Firefox < 147 and... Moderate Unreviewed
CVE-2026-0883 was published Jan 13, 2026
Information disclosure in the XML component. This vulnerability affects Firefox < 147. Moderate Unreviewed
CVE-2026-0888 was published Jan 13, 2026
The EventPrime - Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14507 was published Jan 13, 2026
A vulnerability has been identified in the ServiceNow AI Platform that could enable an... Critical Unreviewed
CVE-2025-12420 was published Jan 13, 2026
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Low Unreviewed
CVE-2025-46676 was published Jan 9, 2026
The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-14980 was published Jan 9, 2026
The weDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions... Moderate Unreviewed
CVE-2025-14574 was published Jan 9, 2026
Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions... Low Unreviewed
CVE-2026-0747 was published Jan 8, 2026
KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface... Moderate Unreviewed
CVE-2025-68718 was published Jan 8, 2026
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any... High Unreviewed
CVE-2025-68719 was published Jan 8, 2026
This vulnerability allows a Backup or Tape Operator to write files as root. Critical Unreviewed
CVE-2025-59469 was published Jan 8, 2026
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests... Moderate Unreviewed
CVE-2026-20027 was published Jan 7, 2026
Information disclosure when a weak hashed value is returned to userland code in response to a... Moderate Unreviewed
CVE-2025-47369 was published Jan 7, 2026
Improper service binding configuration in internal service components in HCL BigFix IVR version 4... Low Unreviewed
CVE-2025-31964 was published Jan 7, 2026
The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2025-13371 was published Jan 7, 2026
The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-12540 was published Jan 7, 2026
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-13215 was published Jan 6, 2026
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800... High Unreviewed
CVE-2025-20336 was published Jan 5, 2026
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure High Unreviewed
CVE-2025-15103 was published Dec 30, 2025
The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-14280 was published Dec 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database