GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,969
Erlang: 39
GitHub Actions: 38
Go: 2,624
Maven: 5,000+
npm: 4,257
NuGet: 760
pip: 4,050
Pub: 12
RubyGems: 953
Rust: 1,052
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,627 advisories
CVE-2025-10259 (Moderate, Unreviewed), published Nov 6, 2025: Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on...
CVE-2025-12471 (Moderate, Unreviewed), published Nov 6, 2025: The Hubbub Lite – Fast, free social sharing and follow buttons plugin for WordPress is vulnerable...
CVE-2025-11268 (Moderate, Unreviewed), published Nov 6, 2025: The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in...
CVE-2025-12360 (Moderate, Unreviewed), published Nov 6, 2025: The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to...
CVE-2025-9338 (High, Unreviewed), published Nov 6, 2025: An improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys...
CVE-2025-61994 (Moderate, Unreviewed), published Nov 6, 2025: Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates...
CVE-2025-12560 (Moderate, Unreviewed), published Nov 6, 2025: The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server...
CVE-2025-11271 (Moderate, Unreviewed), published Nov 6, 2025: The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all...
CVE-2025-12563 (Moderate, Unreviewed), published Nov 6, 2025: The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited...
CVE-2025-10691 (Moderate, Unreviewed), published Nov 6, 2025: The Easy Email Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
CVE-2025-10683 (Moderate, Unreviewed), published Nov 6, 2025: The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid'...
CVE-2025-12779 (High, Unreviewed), published Nov 6, 2025: Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions...
CVE-2025-55278 (High, Unreviewed), published Nov 6, 2025: Improper authentication in the API authentication middleware of HCL DevOps Loop allows...
CVE-2025-56232 (Unknown, Unreviewed), published Nov 5, 2025: GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the...
CVE-2025-63334 (Critical, Unreviewed), published Nov 5, 2025: PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution...
CVE-2025-60784 (Moderate, Unreviewed), published Nov 5, 2025: A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to...
ProTip! Advisories are also available from the GraphQL API.