Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

10,045 advisories

Filter by severity
All severities
Low
Moderate
High
Critical
Loading
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12408 was published Dec 12, 2025
The Guest Support plugin for WordPress is vulnerable to User Email Disclosure in versions up to,... Moderate Unreviewed
CVE-2025-13660 was published Dec 12, 2025
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the... Moderate Unreviewed
CVE-2025-14528 was published Dec 11, 2025
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can... Critical Unreviewed
CVE-2025-65820 was published Dec 10, 2025
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the... Moderate Unreviewed
CVE-2025-52493 was published Dec 10, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows... Moderate Unreviewed
CVE-2025-64670 was published Dec 9, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... Moderate Unreviewed
CVE-2025-40940 was published Dec 9, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... Moderate Unreviewed
CVE-2025-40941 was published Dec 9, 2025
A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-14286 was published Dec 9, 2025
EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive... Moderate Unreviewed
CVE-2024-38798 was published Dec 9, 2025
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-12558 was published Dec 9, 2025
CNA Plugins Portmap nftables backend can intercept non-local traffic Moderate
CVE-2025-67499 was published for github.com/containernetworking/plugins (Go) Dec 9, 2025
agusdallalbachamptar
Credited to agusdallalba and champtar
Umbraco Vulnerable to Improper File Access and Credential Exposure in Dictionary Import Functionality Moderate
CVE-2025-66625 was published for Umbraco.Cms (NuGet) Dec 9, 2025
App lock verification bypass vulnerability in the file management app. Impact: Successful... Moderate Unreviewed
CVE-2025-66330 was published Dec 8, 2025
Permission control vulnerability in the media library module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-58279 was published Dec 8, 2025
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is... Moderate Unreviewed
CVE-2025-14197 was published Dec 7, 2025
A vulnerability was detected in Verysync 微力同步 2.21.3. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-14198 was published Dec 7, 2025
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands High
CVE-2025-66623 was published for io.strimzi:strimzi (Maven) Dec 5, 2025
scholzjppatierno
im-konge
Credited to scholzj, ppatierno, and im-konge
The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-13494 was published Dec 5, 2025
The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-13006 was published Dec 5, 2025
The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be... High Unreviewed
CVE-2025-10285 was published Dec 5, 2025
ComposioHQ has a directory traversal vulnerability Moderate
CVE-2025-56427 was published for composio (pip) Dec 4, 2025
libcrux incorrectly calculates on aarch64 High
GHSA-2cgv-28vr-rv6j was published for libcrux-intrinsics (Rust) Dec 4, 2025
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are... Critical Unreviewed
CVE-2025-54304 was published Dec 4, 2025
Ansible Community General Collection is vulnerable to exposure of sensitive information Moderate
CVE-2025-14010 was published for ansible (pip) Dec 4, 2025
reanguiano
Credited to reanguiano
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database