Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

305,613 advisories

Loading
The authentication mechanism on web interface is not properly implemented. It is possible to... Critical Unreviewed
CVE-2025-36754 was published Dec 13, 2025
Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X.... Critical Unreviewed
CVE-2025-36751 was published Dec 13, 2025
A vulnerability was determined in code-projects Student File Management System 1.0. Affected by... Moderate Unreviewed
CVE-2025-14620 was published Dec 13, 2025
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-8195 was published Dec 13, 2025
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A... High Unreviewed
CVE-2025-36750 was published Dec 13, 2025
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration... High Unreviewed
CVE-2025-36748 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67868 was published Dec 13, 2025
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to... Low Unreviewed
CVE-2025-9218 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67864 was published Dec 13, 2025
A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-14607 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67870 was published Dec 13, 2025
The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-9488 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67865 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67867 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67863 was published Dec 13, 2025
The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-7960 was published Dec 13, 2025
Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented... Critical Unreviewed
CVE-2025-36752 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67869 was published Dec 13, 2025
The TI WooCommerce Wishlist plugin for WordPress is vulnerable to HTML Injection in all versions... Moderate Unreviewed
CVE-2025-9207 was published Dec 13, 2025
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default,... High Unreviewed
CVE-2025-36753 was published Dec 13, 2025
The YITH WooCommerce Quick View plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-8617 was published Dec 13, 2025
Rejected reason: Not used Unknown Unreviewed
CVE-2025-67866 was published Dec 13, 2025
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-7058 was published Dec 13, 2025
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for... Moderate Unreviewed
CVE-2025-9856 was published Dec 13, 2025
A vulnerability was identified in code-projects Student File Management System 1.0. This affects... Moderate Unreviewed
CVE-2025-14621 was published Dec 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database