Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

113,724 advisories

Loading
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... High Unreviewed
CVE-2025-4519 was published Nov 7, 2025
The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5483 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-62630 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-59171 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-58423 was published Nov 7, 2025
The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an... High Unreviewed
CVE-2025-12636 was published Nov 7, 2025
Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-12486 was published Nov 6, 2025
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-12489 was published Nov 6, 2025
MQTT does not validate hostnames High
CVE-2025-12790 was published for mqtt (RubyGems) Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in... High Unreviewed
CVE-2025-34239 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34242 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34240 was published Nov 6, 2025
Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-12490 was published Nov 6, 2025
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of... High Unreviewed
CVE-2022-50590 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50594 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50591 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64224 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64198 was published Nov 6, 2025
A maliciously crafted file, when executed on the victim's machine, can lead to privilege... High Unreviewed
CVE-2025-10885 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-62076 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64232 was published Nov 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-62075 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64196 was published Nov 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-64287 was published Nov 6, 2025
An unauthenticated reflected cross-site scripting vulnerability in the query handling of... High Unreviewed
CVE-2025-63588 was published Nov 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database