GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,910 advisories
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript...
Critical | Unreviewed | CVE-2025-12682 was published Nov 4, 2025

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution ...
Critical | Unreviewed | CVE-2025-12493 was published Nov 4, 2025

The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a...
Critical | Unreviewed | CVE-2025-12158 was published Nov 4, 2025

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a...
Critical | Unreviewed | CVE-2025-11007 was published Nov 4, 2025

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Critical | Unreviewed | CVE-2025-11008 was published Nov 4, 2025

Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an...
Critical | Unreviewed | CVE-2024-13997 was published Nov 4, 2025

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.
Critical | Unreviewed | CVE-2025-63451 was published Nov 3, 2025

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras...
Critical | Unreviewed | CVE-2025-12463 was published Nov 3, 2025

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.
Critical | Unreviewed | CVE-2025-63452 was published Nov 3, 2025

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.
Critical | Unreviewed | CVE-2025-63453 was published Nov 3, 2025

The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to,...
Critical | Unreviewed | CVE-2025-8900 was published Nov 3, 2025

Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand...
Critical | Unreviewed | CVE-2025-0987 was published Nov 3, 2025

Web UI Malfunction when setting unexpected locale via API. This issue affects BLU-IC2: through 1...
Critical | Unreviewed | CVE-2025-12600 was published Nov 1, 2025

Denial of Service Due to SlowLoris. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1...
Critical | Unreviewed | CVE-2025-12601 was published Nov 1, 2025

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000). This issue affects BLU-IC2...
Critical | Unreviewed | CVE-2025-12599 was published Nov 1, 2025

The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for...
Critical | Unreviewed | CVE-2025-11499 was published Nov 1, 2025

The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for...
Critical | Unreviewed | CVE-2025-11833 was published Nov 1, 2025

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in...
Critical | Unreviewed | CVE-2025-64348 was published Oct 31, 2025

Email Server Certificate Verification Disabled. This issue affects BLU-IC2: through 1.19.5; BLU...
Critical | Unreviewed | CVE-2025-12553 was published Oct 31, 2025

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1...
Critical | Unreviewed | CVE-2025-29270 was published Oct 31, 2025

The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the...
Critical | Unreviewed | CVE-2025-64385 was published Oct 31, 2025

Denial of service of the web server through specific requests to this protocol
Critical | Unreviewed | CVE-2025-64388 was published Oct 31, 2025

Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in...
Critical | Unreviewed | CVE-2025-57108 was published Oct 31, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-6520 was published Oct 31, 2025

The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor...
Critical | Unreviewed | CVE-2025-8489 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API.