GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,397

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

29 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to... High Unreviewed

CVE-2025-41415 was published Aug 21, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg... High Unreviewed

CVE-2025-55715 was published Aug 20, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows... High Unreviewed

CVE-2025-47444 was published Aug 12, 2025

YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include... High Unreviewed

CVE-2025-8862 was published Aug 11, 2025

XWiki makes title of inaccessible pages available through the class property values REST API High

CVE-2025-49584 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Jun 13, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX... High Unreviewed

CVE-2025-48261 was published Jun 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders &... High Unreviewed

CVE-2025-48331 was published May 30, 2025

An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default... High Unreviewed

CVE-2025-48045 was published May 29, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in WPFunnels Mail Mint allows... High Unreviewed

CVE-2025-47541 was published May 23, 2025

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information... High Unreviewed

CVE-2025-3529 was published Apr 23, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Hive Support Hive Support... High Unreviewed

CVE-2025-32635 was published Apr 17, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events... High Unreviewed

CVE-2025-32594 was published Apr 17, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows... High Unreviewed

CVE-2024-7872 was published Mar 6, 2025

Develocity (formerly Gradle Enterprise) before 2024.3.1 allows an attacker who has network access... High Unreviewed

CVE-2025-24858 was published Jan 26, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WM Options Import... High Unreviewed

CVE-2025-23781 was published Jan 22, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WPDB to Sql allows... High Unreviewed

CVE-2025-23774 was published Jan 22, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity (fieldable... High Unreviewed

CVE-2024-13276 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows... High Unreviewed

CVE-2024-13254 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows... High Unreviewed

CVE-2024-13259 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in WPSpins Post/Page Copying Tool... High Unreviewed

CVE-2024-56300 was published Jan 7, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows... High Unreviewed

CVE-2024-53804 was published Dec 6, 2024

Insertion of Sensitive Information Into Sent Data vulnerability in VideoWhisper.Com Contact Forms... High Unreviewed

CVE-2024-49235 was published Oct 17, 2024

An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware... High Unreviewed

CVE-2024-8890 was published Sep 18, 2024

Audit records for OpenAPI requests may include sensitive information. This could lead to... High Unreviewed

CVE-2023-6916 was published Apr 10, 2024

Liferay Portal vulnerable to user impersonation High

CVE-2024-25148 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

29 advisories