GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,350
Composer 4,652
Erlang 34
GitHub Actions 26
Go 2,257
Maven 5,512
npm 3,909
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,100

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118,901 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly... Moderate Unreviewed

CVE-2025-46421 was published Apr 24, 2025

A flaw was found in libsoup. It is vulnerable to memory leaks in the... Moderate Unreviewed

CVE-2025-46420 was published Apr 24, 2025

Denial of service due to allocation of resources without limits. The following products are... Moderate Unreviewed

CVE-2025-30409 was published Apr 24, 2025

Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed

CVE-2025-30408 was published Apr 24, 2025

Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed

CVE-2021-47664 was published Apr 24, 2025

The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-3832 was published Apr 24, 2025

The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account... Moderate Unreviewed

CVE-2025-3793 was published Apr 24, 2025

The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for... Moderate Unreviewed

CVE-2025-1284 was published Apr 24, 2025

The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is... Moderate Unreviewed

CVE-2025-3280 was published Apr 24, 2025

The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File... Moderate Unreviewed

CVE-2025-2579 was published Apr 24, 2025

The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-13307 was published Apr 24, 2025

The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-2543 was published Apr 24, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed

CVE-2025-32730 was published Apr 24, 2025

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE... Moderate Unreviewed

CVE-2025-0639 was published Apr 24, 2025

An issue has been discovered in access controls could allow users to view certain restricted... Moderate Unreviewed

CVE-2024-12244 was published Apr 24, 2025

The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-3435 was published Apr 24, 2025

The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2025-1453 was published Apr 24, 2025

Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet. Moderate Unreviewed

CVE-2025-46419 was published Apr 24, 2025

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow... Moderate Unreviewed

CVE-2024-22351 was published Apr 24, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users... Moderate Unreviewed

CVE-2025-27581 was published Apr 24, 2025

IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a... Moderate Unreviewed

CVE-2025-25045 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site... Moderate Unreviewed

CVE-2025-3907 was published Apr 23, 2025

BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure... Moderate Unreviewed

CVE-2025-2772 was published Apr 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-3901 was published Apr 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-3900 was published Apr 23, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

118,901 advisories