GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,908
Erlang: 39
GitHub Actions: 38
Go: 2,568
Maven: 5,000+
npm: 4,240
NuGet: 754
pip: 4,004
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,718 advisories
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2025-11391
was published
Oct 18, 2025
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login...
Critical
Unreviewed
CVE-2017-20208
was published
Oct 18, 2025
The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to,...
Critical
Unreviewed
CVE-2017-20207
was published
Oct 18, 2025
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to,...
Critical
Unreviewed
CVE-2017-20206
was published
Oct 18, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and...
Critical
Unreviewed
CVE-2025-34215
was published
Sep 29, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote...
Critical
Unreviewed
CVE-2025-62645
was published
Oct 17, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This...
Critical
Unreviewed
CVE-2025-40715
was published
Jul 8, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This...
Critical
Unreviewed
CVE-2025-40717
was published
Jul 8, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This...
Critical
Unreviewed
CVE-2025-40716
was published
Jul 8, 2025
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control...
Critical
Unreviewed
CVE-2025-59033
was published
Sep 8, 2025
A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass...
Critical
Unreviewed
CVE-2025-56221
was published
Oct 17, 2025
Incorrect Content-Type header in one of the APIs (`text/html` instead of `application/json`)...
Critical
Unreviewed
CVE-2025-11925
was published
Oct 17, 2025
The Sante PACS Server Web Portal sends credential information without encryption.
Critical
Unreviewed
CVE-2025-54156
was published
Aug 19, 2025
A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read...
Critical
Unreviewed
CVE-2025-62353
was published
Oct 17, 2025
A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically...
Critical
Unreviewed
CVE-2025-57567
was published
Oct 17, 2025
Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP...
Critical
Unreviewed
CVE-2025-8414
was published
Oct 17, 2025
A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5...
Critical
Unreviewed
CVE-2025-60279
was published
Oct 17, 2025
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution.
Critical
Unreviewed
CVE-2024-54794
was published
Jan 21, 2025
An improper privilege management vulnerability exists in WSO2 API Manager due to missing...
Critical
Unreviewed
CVE-2025-9152
was published
Oct 16, 2025
An improper access control vulnerability exists in multiple WSO2 products due to insufficient...
Critical
Unreviewed
CVE-2025-9804
was published
Oct 16, 2025
Some versions of Hikvision's iSecure Center Product have an improper file upload control...
Critical
Unreviewed
CVE-2023-28814
was published
Oct 17, 2025
Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation,...
Critical
Unreviewed
CVE-2023-28815
was published
Oct 17, 2025
The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing...
Critical
Unreviewed
CVE-2025-11900
was published
Oct 17, 2025
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network...
Critical
Unreviewed
CVE-2025-6949
was published
Oct 17, 2025
A Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security...
Critical
Unreviewed
CVE-2025-6950
was published
Oct 17, 2025
ProTip! Advisories are also available from the GraphQL API.