GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,159
Composer 5,094
Erlang 40
GitHub Actions 38
Go 2,779
Maven 6,180
npm 4,380
NuGet 770
pip 4,159
Pub 12
RubyGems 963
Rust 1,071
Swift 45

Unreviewed advisories

All unreviewed 282,804

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

10,077 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-14280 was published Dec 29, 2025

Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability... Moderate Unreviewed

CVE-2025-15070 was published Dec 29, 2025

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data,... High Unreviewed

CVE-2025-15065 was published Dec 29, 2025

A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing... Low Unreviewed

CVE-2025-15141 was published Dec 28, 2025

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function... Moderate Unreviewed

CVE-2025-15121 was published Dec 28, 2025

An issue in Terra Informatica Software, Inc Sciter v.4.4.7.0 allows a local attacker to obtain... Moderate Unreviewed

CVE-2024-29720 was published Dec 26, 2025

A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the... Moderate Unreviewed

CVE-2025-15082 was published Dec 25, 2025

Senstar Symphony FetchStoredLicense Information Disclosure Vulnerability. This vulnerability... High Unreviewed

CVE-2025-12491 was published Dec 24, 2025

Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows... High Unreviewed

CVE-2025-63662 was published Dec 22, 2025

A vulnerability in WooCommerce 8.1 to 10.4.2 can allow logged-in customers to access order data... Moderate Unreviewed

CVE-2025-15033 was published Dec 22, 2025

An authenticated local user can obtain information that allows claiming security policy rules of... Moderate Unreviewed

CVE-2025-8304 was published Dec 22, 2025

An authenticated local user can obtain information that allows claiming security policy rules of... Moderate Unreviewed

CVE-2025-8305 was published Dec 22, 2025

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2025-12492 was published Dec 20, 2025

After a recent bug fix to correctly handle CR+LF (Windows and DOS) End-of-Record (EOR) characters... Moderate Unreviewed

CVE-2025-14591 was published Dec 20, 2025

Storybook manager bundle may expose environment variables during build High

CVE-2025-68429 was published for storybook (npm) Dec 18, 2025

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2... Moderate Unreviewed

CVE-2025-46278 was published Dec 17, 2025

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An... Moderate Unreviewed

CVE-2025-46283 was published Dec 17, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26... Low Unreviewed

CVE-2025-46279 was published Dec 17, 2025

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2... Moderate Unreviewed

CVE-2025-43514 was published Dec 17, 2025

Exposure of password hashes through an unauthenticated API response in TP-Link Tapo C210 V.1.8... High Unreviewed

CVE-2025-14553 was published Dec 16, 2025

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS... Moderate Unreviewed

CVE-2025-46294 was published Dec 16, 2025

The Fancy Product Designer plugin for WordPress is vulnerable to Information Disclosure in all... Moderate Unreviewed

CVE-2025-13439 was published Dec 16, 2025

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information... Moderate Unreviewed

CVE-2025-66963 was published Dec 15, 2025

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. ... Moderate Unreviewed

CVE-2025-11670 was published Dec 15, 2025

The GenerateBlocks plugin for WordPress is vulnerable to information exposure due to missing... Moderate Unreviewed

CVE-2025-12512 was published Dec 13, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,077 advisories