GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,496

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

145,439 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Campay Woocommerce Payment Gateway plugin for WordPress is vulnerable to Unauthenticated... Moderate Unreviewed

CVE-2025-12883 was published Dec 12, 2025

The IMAQ Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2025-13363 was published Dec 12, 2025

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions... Moderate Unreviewed

CVE-2025-13320 was published Dec 12, 2025

The Product Filtering by Categories, Tags, Price Range for WooCommerce – Filter Plus plugin for... Moderate Unreviewed

CVE-2025-13314 was published Dec 12, 2025

The Rabbit Hole plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-13366 was published Dec 12, 2025

The Foxtool All-in-One: Contact chat button, Custom login, Media optimize images plugin for... Moderate Unreviewed

CVE-2025-13408 was published Dec 12, 2025

The Premmerce Wishlist for WooCommerce plugin for WordPress is vulnerable to Missing... Moderate Unreviewed

CVE-2025-13440 was published Dec 12, 2025

The Better Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12830 was published Dec 12, 2025

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2025-12834 was published Dec 12, 2025

The BUKAZU Search widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13840 was published Dec 12, 2025

The LS Google Map Router plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13850 was published Dec 12, 2025

The Easy Map Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13846 was published Dec 12, 2025

The Simple post listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-12650 was published Dec 12, 2025

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-12783 was published Dec 12, 2025

Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows... Moderate Unreviewed

CVE-2025-13669 was published Dec 12, 2025

The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting... Moderate Unreviewed

CVE-2025-13670 was published Dec 12, 2025

The LJUsers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name'... Moderate Unreviewed

CVE-2025-13839 was published Dec 12, 2025

The System Console Utility for Windows is vulnerable to a DLL planting vulnerability Moderate Unreviewed

CVE-2025-13665 was published Dec 12, 2025

A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow... Moderate Unreviewed

CVE-2025-13668 was published Dec 12, 2025

SPA-CART CMS 1.9.0.3 contains a stored cross-site scripting vulnerability in the product... Moderate Unreviewed

CVE-2024-58304 was published Dec 12, 2025

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows... Moderate Unreviewed

CVE-2025-34504 was published Dec 12, 2025

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non... Moderate Unreviewed

CVE-2025-34499 was published Dec 12, 2025

SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 (e.g., on Mini1_prod2) allow... Moderate Unreviewed

CVE-2025-67780 was published Dec 12, 2025

FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative... Moderate Unreviewed

CVE-2024-58302 was published Dec 12, 2025

CE Phoenix v3.0.1 contains a stored cross-site scripting vulnerability in the currencies... Moderate Unreviewed

CVE-2024-58296 was published Dec 12, 2025

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

145,439 advisories