Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

142,529 advisories

Loading
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12377 was published Nov 13, 2025
Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability Moderate Unreviewed
CVE-2025-7704 was published Nov 13, 2025
The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-11769 was published Nov 13, 2025
The Comment Edit Core – Simple Comment Editing plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-12681 was published Nov 13, 2025
The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your... Moderate Unreviewed
CVE-2025-12015 was published Nov 13, 2025
The Angel – Fashion Model Agency WordPress CMS Theme theme for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2025-10295 was published Nov 13, 2025
The Save as PDF Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-8397 was published Nov 13, 2025
The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass... Moderate Unreviewed
CVE-2025-11260 was published Nov 13, 2025
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12366 was published Nov 13, 2025
The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-12979 was published Nov 13, 2025
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file... Moderate Unreviewed
CVE-2025-12089 was published Nov 13, 2025
The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12536 was published Nov 13, 2025
The Survey Maker plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-12891 was published Nov 13, 2025
The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2025-12892 was published Nov 13, 2025
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12620 was published Nov 13, 2025
A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an... Moderate Unreviewed
CVE-2025-13076 was published Nov 13, 2025
A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown... Moderate Unreviewed
CVE-2025-13075 was published Nov 13, 2025
AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability... Moderate Unreviewed
CVE-2011-10034 was published Nov 13, 2025
TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control... Moderate Unreviewed
CVE-2022-4983 was published Nov 13, 2025
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source... Moderate Unreviewed
CVE-2025-33119 was published Nov 13, 2025
Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details Moderate
CVE-2025-64502 was published for parse-server (npm) Nov 13, 2025
mtrezza coratgerl
mstniy
Credited to mtrezza, coratgerl, and mstniy
A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-13061 was published Nov 12, 2025
An improper default permission vulnerability was reported in Lenovo Dock Manager that, under... Moderate Unreviewed
CVE-2025-8421 was published Nov 12, 2025
IBM OpenPages 9.0 and 9.1 is vulnerable to HTTP header injection, caused by improper validation... Moderate Unreviewed
CVE-2025-36223 was published Nov 12, 2025
A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function.... Moderate Unreviewed
CVE-2025-13063 was published Nov 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database