GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,757
Maven: 5,000+
npm: 4,363
NuGet: 766
pip: 4,128
Pub: 12
RubyGems: 961
Rust: 1,070
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
281,131 advisories
WaveView client allows users to execute restricted set of predefined commands and scripts on the...
Moderate | Unreviewed | CVE-2025-65075 was published Dec 16, 2025

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only...
Moderate | Unreviewed | CVE-2025-0836 was published Dec 16, 2025

The Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate | Unreviewed | CVE-2025-11220 was published Dec 16, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile...
High | Unreviewed | CVE-2025-13474 was published Dec 16, 2025

The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash,...
Moderate | Unreviewed | CVE-2025-13741 was published Dec 16, 2025

The WPCOM Member plugin for WordPress is vulnerable to authentication bypass via brute force in...
High | Unreviewed | CVE-2025-14002 was published Dec 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush...
Unknown | Unreviewed | CVE-2025-68082 was published Dec 16, 2025

Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows...
Moderate | Unreviewed | CVE-2025-68088 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-67986 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68056 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-67999 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68053 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68054 was published Dec 16, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library...
Unknown | Unreviewed | CVE-2025-67985 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68061 was published Dec 16, 2025

Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side...
Unknown | Unreviewed | CVE-2025-67989 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68066 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68065 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68055 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68070 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-68077 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68062 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68068 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-68067 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-68076 was published Dec 16, 2025
ProTip! Advisories are also available from the GraphQL API.