GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,614
Maven: 5,000+
npm: 4,254
NuGet: 760
pip: 4,031
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

141,419 advisories
                    
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions...
Moderate, Unreviewed. CVE-2025-11602 was published Oct 31, 2025.
                    
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate, Unreviewed. CVE-2025-12041 was published Oct 31, 2025.
                    
The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate, Unreviewed. CVE-2025-8385 was published Oct 31, 2025.
                    
The OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) plugin for...
Moderate, Unreviewed. CVE-2025-12094 was published Oct 31, 2025.
                    
The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less...
Moderate, Unreviewed. CVE-2025-8383 was published Oct 31, 2025.
                    
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a...
Moderate, Unreviewed. CVE-2025-12175 was published Oct 31, 2025.
                    
Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to...
Moderate, Unreviewed. CVE-2025-30191 was published Oct 31, 2025.
                    
cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used....
Moderate, Unreviewed. CVE-2025-63675 was published Oct 31, 2025.
                    
FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and...
Moderate, Unreviewed. CVE-2025-58152 was published Oct 31, 2025.
                    
The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant...
Moderate, Unreviewed. CVE-2025-11975 was published Oct 31, 2025.
                    
The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate, Unreviewed. CVE-2025-11806 was published Oct 31, 2025.
                    
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the ...
Moderate, Unreviewed. CVE-2025-48980 was published Oct 31, 2025.
                    
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Revive Adserver...
Moderate, Unreviewed. CVE-2025-27208 was published Oct 31, 2025.
                    
LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded...
Moderate, Unreviewed. CVE-2025-8849 was published Oct 31, 2025.
                    
Nagios Log Server versions prior to 2024R1 contain a stored cross-site scripting (XSS)...
Moderate, Unreviewed. CVE-2024-58272 was published Oct 31, 2025.
                    
Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS)...
Moderate, Unreviewed. CVE-2025-34278 was published Oct 31, 2025.
                    
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the...
Moderate, Unreviewed. CVE-2024-14000 was published Oct 31, 2025.
                    
In Nagios Log Server versions prior to 2024R2.0.3, when a user's configured default dashboard is...
Moderate, Unreviewed. CVE-2025-34272 was published Oct 31, 2025.
                    
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the AD/LDAP user import...
Moderate, Unreviewed. CVE-2025-34270 was published Oct 31, 2025.
                    
Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets...
Moderate, Unreviewed. CVE-2025-34135 was published Oct 31, 2025.
                    
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the...
Moderate, Unreviewed. CVE-2024-14001 was published Oct 31, 2025.
                    
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth...
Moderate, Unreviewed. CVE-2023-7314 was published Oct 31, 2025.
                    
Nagios Log Server versions prior to 2.1.14 are vulnerable to cross-site scripting (XSS) via the...
Moderate, Unreviewed. CVE-2023-7321 was published Oct 31, 2025.
                    
Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting (XSS) vulnerability...
Moderate, Unreviewed. CVE-2023-7312 was published Oct 31, 2025.
                    
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bulk...
Moderate, Unreviewed. CVE-2023-7313 was published Oct 31, 2025.
        
ProTip! Advisories are also available from the GraphQL API.