Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

10,032 advisories

Loading
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store... High Unreviewed
CVE-2025-63891 was published Nov 14, 2025
An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1... High Unreviewed
CVE-2025-54345 was published Nov 14, 2025
In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly... Moderate Unreviewed
CVE-2025-12149 was published Nov 14, 2025
Mattermost allows system administrators to access password hashes and MFA secrets Moderate
CVE-2025-11794 was published for github.com/mattermost/mattermost-server (Go) Nov 14, 2025
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed
CVE-2025-12785 was published Nov 13, 2025
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed
CVE-2025-12784 was published Nov 13, 2025
The Comment Edit Core – Simple Comment Editing plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-12681 was published Nov 13, 2025
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20379 was published Nov 12, 2025
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12732 was published Nov 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises... Moderate Unreviewed
CVE-2025-62206 was published Nov 11, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an... Moderate Unreviewed
CVE-2025-59240 was published Nov 11, 2025
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the... High Unreviewed
CVE-2025-11697 was published Nov 11, 2025
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR... Critical Unreviewed
CVE-2017-20210 was published Nov 11, 2025
The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12010 was published Nov 11, 2025
The Document Pro Elementor – Documentation & Knowledge Base plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-11997 was published Nov 11, 2025
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... Moderate Unreviewed
CVE-2025-12098 was published Nov 8, 2025
KubeVirt Vulnerable to Arbitrary Host File Read and Write High
CVE-2025-64324 was published for kubevirt.io/kubevirt (Go) Nov 7, 2025
mihailkirov Faeris95
jean-edouard
Credited to mihailkirov, Faeris95, and jean-edouard
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean... Moderate Unreviewed
CVE-2025-55342 was published Nov 5, 2025
ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests... Moderate Unreviewed
CVE-2025-59716 was published Nov 5, 2025
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an... Moderate Unreviewed
CVE-2025-20377 was published Nov 5, 2025
The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin... Moderate Unreviewed
CVE-2025-12468 was published Nov 5, 2025
The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is... High Unreviewed
CVE-2025-12139 was published Nov 5, 2025
The KiotViet Sync plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12677 was published Nov 5, 2025
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Critical Unreviewed
CVE-2025-11749 was published Nov 5, 2025
An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080,... High Unreviewed
CVE-2025-54323 was published Nov 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database