Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

133,964 advisories

Loading
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18... Moderate Unreviewed
CVE-2025-14157 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6,... Moderate Unreviewed
CVE-2025-4097 was published Dec 11, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 before 18.4.6, 18.5... Moderate Unreviewed
CVE-2025-11247 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18... Moderate Unreviewed
CVE-2025-13978 was published Dec 11, 2025
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-9436 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1 before 18.4.6, 18... Moderate Unreviewed
CVE-2025-11984 was published Dec 11, 2025
The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ... Moderate Unreviewed
CVE-2025-10163 was published Dec 11, 2025
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed
CVE-2025-11467 was published Dec 11, 2025
Chyrp 2.5.2 contains a stored cross-site scripting vulnerability that allows authenticated users... Moderate Unreviewed
CVE-2024-58285 was published Dec 11, 2025
External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an... Moderate Unreviewed
CVE-2025-67461 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64869 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64872 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-64887 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64863 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-64888 was published Dec 10, 2025
SpinetiX Fusion Digital Signage 3.4.8 contains a cross-site request forgery vulnerability that... Moderate Unreviewed
CVE-2020-36886 was published Dec 10, 2025
SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login... Moderate Unreviewed
CVE-2020-36888 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64873 was published Dec 10, 2025
Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration. This... Moderate Unreviewed
CVE-2025-62181 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64881 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64875 was published Dec 10, 2025
BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated... Moderate Unreviewed
CVE-2020-36884 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64861 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64852 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-64840 was published Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database