Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

276,291 advisories

Loading
The WP Airbnb Review Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-12520 was published Nov 7, 2025
The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes... Moderate Unreviewed
CVE-2025-12527 was published Nov 7, 2025
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-12352 was published Nov 7, 2025
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... Moderate Unreviewed
CVE-2025-4522 was published Nov 7, 2025
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... High Unreviewed
CVE-2025-4519 was published Nov 7, 2025
The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5483 was published Nov 7, 2025
A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0... Low Unreviewed
CVE-2025-48985 was published Nov 7, 2025
A vulnerability in Nuxt DevTools has been fixed in version **2.6.4***. This issue may have... Moderate Unreviewed
CVE-2025-52662 was published Nov 7, 2025
Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from... Critical Unreviewed
CVE-2025-11546 was published Nov 7, 2025
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that... Moderate Unreviewed
CVE-2025-12789 was published Nov 7, 2025
Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger... Moderate Unreviewed
CVE-2025-64302 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-62630 was published Nov 7, 2025
Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote... Unknown Unreviewed
CVE-2025-11756 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-59171 was published Nov 7, 2025
Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-11460 was published Nov 7, 2025
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-11458 was published Nov 7, 2025
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed
CVE-2025-58423 was published Nov 7, 2025
The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an... High Unreviewed
CVE-2025-12636 was published Nov 7, 2025
Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote... Unknown Unreviewed
CVE-2025-12036 was published Nov 7, 2025
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-11219 was published Nov 7, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... Unknown Unreviewed
CVE-2025-11213 was published Nov 7, 2025
Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote... Unknown Unreviewed
CVE-2025-11210 was published Nov 7, 2025
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-11211 was published Nov 7, 2025
Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-11215 was published Nov 7, 2025
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed... Unknown Unreviewed
CVE-2025-11212 was published Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database