GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+ Composer
5,000+ Erlang
39 GitHub Actions
38 Go
2,750 Maven
5,000+ npm
4,353 NuGet
765 pip
4,114 Pub
12 RubyGems
960 Rust
1,069 Swift
45Unreviewed advisories
All unreviewed
5,000+Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280,497 advisories
Filter by severity
Uh oh!
There was an error while loading. Please reload this page.
Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows... Low Unreviewed
CVE-2023-29144 was published Dec 12, 2025
In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject... Unknown Unreviewed
CVE-2025-40345 was published Dec 12, 2025
BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their... High Unreviewed
CVE-2025-13733 was published Dec 12, 2025
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects... Moderate Unreviewed
CVE-2025-12843 was published Dec 12, 2025
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4... High Unreviewed
CVE-2025-65530 was published Dec 12, 2025
Plesk 18.0 has Incorrect Access Control. Critical Unreviewed
CVE-2025-66430 was published Dec 12, 2025
jshERP v3.5 and earlier is affected by a stored Cross Site Scripting (XSS) vulnerability via the ... Moderate Unreviewed
CVE-2025-67344 was published Dec 12, 2025
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core... Moderate Unreviewed
CVE-2025-64011 was published Dec 12, 2025
RuoYi versions 4.8.1 and earlier is affected by a stored XSS vulnerability in the /system/menu... Moderate Unreviewed
CVE-2025-67342 was published Dec 12, 2025
jshERP versions 3.5 and earlier are affected by a stored XSS vulnerability. This vulnerability... Moderate Unreviewed
CVE-2025-67341 was published Dec 12, 2025
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient... High Unreviewed
CVE-2025-58770 was published Dec 12, 2025
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed... Low Unreviewed
CVE-2025-36755 was published Dec 12, 2025
SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an... Moderate Unreviewed
CVE-2025-36746 was published Dec 12, 2025
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services... High Unreviewed
CVE-2025-13506 was published Dec 12, 2025
SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in... High Unreviewed
CVE-2025-36745 was published Dec 12, 2025
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors,... High Unreviewed
CVE-2025-36743 was published Dec 12, 2025
SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader... Low Unreviewed
CVE-2025-36744 was published Dec 12, 2025
The Magical Posts Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-12965 was published Dec 12, 2025
The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files,... High Unreviewed
CVE-2025-12835 was published Dec 12, 2025
The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows... Moderate Unreviewed
CVE-2025-12841 was published Dec 12, 2025
The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for... Moderate Unreviewed
CVE-2025-12348 was published Dec 12, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12407 was published Dec 12, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12408 was published Dec 12, 2025
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14159 was published Dec 12, 2025
The AI Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-14030 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API