GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+ Composer
5,000+ Erlang
39 GitHub Actions
38 Go
2,746 Maven
5,000+ npm
4,350 NuGet
765 pip
4,114 Pub
12 RubyGems
960 Rust
1,069 Swift
45Unreviewed advisories
All unreviewed
5,000+Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280,414 advisories
Filter by severity
Uh oh!
There was an error while loading. Please reload this page.
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient... High Unreviewed
CVE-2025-58770 was published Dec 12, 2025
Weak Encryption Algorithm in StreamPark, The use of an AES cipher in ECB mode and a weak random... Unknown Unreviewed
CVE-2025-54981 was published Dec 12, 2025
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed... Low Unreviewed
CVE-2025-36755 was published Dec 12, 2025
SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an... Moderate Unreviewed
CVE-2025-36746 was published Dec 12, 2025
In Apache StreamPark versions 2.0.0 through 2.1.7, a security vulnerability involving a hard... Unknown Unreviewed
CVE-2025-54947 was published Dec 12, 2025
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services... High Unreviewed
CVE-2025-13506 was published Dec 12, 2025
SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in... High Unreviewed
CVE-2025-36745 was published Dec 12, 2025
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors,... High Unreviewed
CVE-2025-36743 was published Dec 12, 2025
SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader... Low Unreviewed
CVE-2025-36744 was published Dec 12, 2025
The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for... Moderate Unreviewed
CVE-2025-12348 was published Dec 12, 2025
Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract:... High Unreviewed
CVE-2025-23408 was published Dec 12, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12408 was published Dec 12, 2025
The MailerLite – Signup forms (official) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-13993 was published Dec 12, 2025
The Magical Posts Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-12965 was published Dec 12, 2025
The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows... Unknown Unreviewed
CVE-2025-12841 was published Dec 12, 2025
The Simple Bike Rental plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-14065 was published Dec 12, 2025
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14442 was published Dec 12, 2025
The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14074 was published Dec 12, 2025
Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache... Unknown Unreviewed
CVE-2025-58130 was published Dec 12, 2025
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14159 was published Dec 12, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12407 was published Dec 12, 2025
The AI Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-14030 was published Dec 12, 2025
The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files,... Unknown Unreviewed
CVE-2025-12835 was published Dec 12, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue... Unknown Unreviewed
CVE-2025-58137 was published Dec 12, 2025
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path... Moderate Unreviewed
CVE-2025-13891 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API