GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,768 advisories
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the...
Moderate, Unreviewed. CVE-2025-9005 was published Aug 15, 2025.

The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its...
Moderate, Unreviewed. CVE-2025-50862 was published Aug 14, 2025.

Information Disclosure in Amazon ECS Container Agent
Moderate. CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025.

Apache Superset data query improperly discloses database schema information to low-privileged guest user
Moderate. CVE-2025-55673 was published for apache-superset (pip) Aug 14, 2025.

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises...
Moderate, Unreviewed. CVE-2025-53728 was published Aug 12, 2025.

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an...
Moderate, Unreviewed. CVE-2025-53136 was published Aug 12, 2025.

Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an...
Moderate, Unreviewed. CVE-2025-53156 was published Aug 12, 2025.

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate, Unreviewed. CVE-2025-4390 was published Aug 12, 2025.

YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster...
Moderate, Unreviewed. CVE-2025-8866 was published Aug 11, 2025.

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part...
Moderate, Unreviewed. CVE-2025-8852 was published Aug 11, 2025.

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as...
Moderate, Unreviewed. CVE-2025-8738 was published Aug 8, 2025.

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability...
Moderate, Unreviewed. CVE-2024-58256 was published Aug 8, 2025.

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability...
Moderate, Unreviewed. CVE-2024-58255 was published Aug 8, 2025.

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability...
Moderate, Unreviewed. CVE-2024-58257 was published Aug 8, 2025.

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2025-8620 was published Aug 6, 2025.

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Moderate, Unreviewed. CVE-2025-46388 was published Aug 6, 2025.

Vulnerability of insufficient information protection in the media library module. Impact:...
Moderate, Unreviewed. CVE-2025-54615 was published Aug 6, 2025.

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue...
Moderate, Unreviewed. CVE-2025-8548 was published Aug 5, 2025.

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic....
Moderate, Unreviewed. CVE-2025-8525 was published Aug 4, 2025.

A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This...
Moderate, Unreviewed. CVE-2025-8519 was published Aug 4, 2025.

The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is...
Moderate, Unreviewed. CVE-2025-6722 was published Aug 2, 2025.

OpenSearch unauthorized data access on fields protected by field level security if field is a member of an object
Moderate. GHSA-2rjv-cv85-xhgm was published for org.opensearch.plugin:opensearch-security (Maven) Aug 1, 2025.

OpenSearch unauthorized data access on fields protected by field masking for fields of type ip, geo_point, geo_shape, xy_point, xy_shape
Moderate. GHSA-rrmm-wq7q-h4v5 was published for org.opensearch.plugin:opensearch-security (Maven) Aug 1, 2025.

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is...
Moderate, Unreviewed. CVE-2025-4523 was published Aug 1, 2025.

Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non...
Moderate, Unreviewed. CVE-2025-43018 was published Jul 30, 2025.