GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

276,374 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2025-12112 was published Nov 8, 2025

The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12064 was published Nov 8, 2025

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is... Moderate Unreviewed

CVE-2025-11972 was published Nov 8, 2025

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12000 was published Nov 8, 2025

The HTML Forms – Simple WordPress Forms Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-12125 was published Nov 8, 2025

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-9334 was published Nov 8, 2025

The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2025-7663 was published Nov 8, 2025

The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-12161 was published Nov 8, 2025

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded... Moderate Unreviewed

CVE-2025-12177 was published Nov 8, 2025

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And... Moderate Unreviewed

CVE-2025-12353 was published Nov 8, 2025

The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12193 was published Nov 8, 2025

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-12167 was published Nov 8, 2025

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2025-12042 was published Nov 8, 2025

The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions... Moderate Unreviewed

CVE-2025-11748 was published Nov 8, 2025

The Asgaros Forum plugin for WordPress is vulnerable to SQL Injection via the '$_COOKIE[... High Unreviewed

CVE-2025-11452 was published Nov 8, 2025

The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2025-12583 was published Nov 8, 2025

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80... Unknown Unreviewed

CVE-2025-12905 was published Nov 8, 2025

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Unknown Unreviewed

CVE-2025-12911 was published Nov 8, 2025

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local... Unknown Unreviewed

CVE-2025-12910 was published Nov 8, 2025

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the... High Unreviewed

CVE-2025-37736 was published Nov 8, 2025

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Unknown Unreviewed

CVE-2025-12906 was published Nov 8, 2025

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a... Unknown Unreviewed

CVE-2025-12909 was published Nov 8, 2025

Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140... Unknown Unreviewed

CVE-2025-12908 was published Nov 8, 2025

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80... Unknown Unreviewed

CVE-2025-12907 was published Nov 8, 2025

A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue... Unknown Unreviewed

CVE-2025-60574 was published Nov 8, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

276,374 advisories