GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,666

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

141,546 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the... Moderate Unreviewed

CVE-2025-6988 was published Nov 1, 2025

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-12137 was published Nov 1, 2025

The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to,... Moderate Unreviewed

CVE-2025-12180 was published Nov 1, 2025

The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an... Moderate Unreviewed

CVE-2025-12038 was published Nov 1, 2025

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11502 was published Nov 1, 2025

The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2025-11983 was published Nov 1, 2025

The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post... Moderate Unreviewed

CVE-2025-12118 was published Nov 1, 2025

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions... Moderate Unreviewed

CVE-2025-11740 was published Nov 1, 2025

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is... Moderate Unreviewed

CVE-2025-12090 was published Nov 1, 2025

The List category posts plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2025-11377 was published Nov 1, 2025

The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is... Moderate Unreviewed

CVE-2025-11927 was published Nov 1, 2025

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed

CVE-2025-12367 was published Nov 1, 2025

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11928 was published Nov 1, 2025

Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP... Moderate Unreviewed

CVE-2025-62275 was published Nov 1, 2025

The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all... Moderate Unreviewed

CVE-2025-11174 was published Nov 1, 2025

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages... Moderate Unreviewed

CVE-2025-11816 was published Nov 1, 2025

The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11922 was published Nov 1, 2025

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration... Moderate Unreviewed

CVE-2014-2349 was published May 17, 2022

The Document Library and the Adaptive Media modules in Liferay Portal 7.4.0 through 7.4.3.111,... Moderate Unreviewed

CVE-2025-62276 was published Nov 1, 2025

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding... Moderate Unreviewed

CVE-2025-12464 was published Nov 1, 2025

Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS... Moderate Unreviewed

CVE-2014-5397 was published May 17, 2022

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-64367 was published Oct 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site... Moderate Unreviewed

CVE-2025-64368 was published Oct 31, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Rank Math SEO Rank Math SEO... Moderate Unreviewed

CVE-2025-64351 was published Oct 31, 2025

Stored Cross-Site Scripting (XSS) vulnerability in Energy CRM v2025 by Status Tracker Ltd,... Moderate Unreviewed

CVE-2025-40643 was published Oct 23, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

141,546 advisories