GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,891

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

302,621 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-11186 was published Nov 22, 2025

A vulnerability has been identified in the libarchive library, specifically within the... Low Unreviewed

CVE-2025-5914 was published Jun 9, 2025

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath... Critical Unreviewed

CVE-2025-49794 was published Jun 16, 2025

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML... Critical Unreviewed

CVE-2025-49796 was published Jun 16, 2025

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that... High Unreviewed

CVE-2025-7425 was published Jul 10, 2025

Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting... Moderate Unreviewed

CVE-2025-66087 was published Nov 21, 2025

Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting... Moderate Unreviewed

CVE-2025-66077 was published Nov 21, 2025

Missing Authorization vulnerability in tychesoftwares Custom Order Numbers for WooCommerce custom... Moderate Unreviewed

CVE-2025-66071 was published Nov 21, 2025

Deserialization of Untrusted Data vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows... Moderate Unreviewed

CVE-2025-66073 was published Nov 21, 2025

Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows... Moderate Unreviewed

CVE-2025-66079 was published Nov 21, 2025

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown... Moderate Unreviewed

CVE-2025-12223 was published Oct 27, 2025

A security vulnerability has been detected in Bdtask Flight Booking Software up to 3.1. Affected... Moderate Unreviewed

CVE-2025-12222 was published Oct 27, 2025

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an... Moderate Unreviewed

CVE-2025-13185 was published Nov 14, 2025

A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this... Moderate Unreviewed

CVE-2025-13238 was published Nov 16, 2025

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is... Low Unreviewed

CVE-2025-12889 was published Nov 22, 2025

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and... Unknown Unreviewed

CVE-2025-31216 was published Nov 22, 2025

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on... Low Unreviewed

CVE-2025-11933 was published Nov 22, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation.... Unknown Unreviewed

CVE-2025-31248 was published Nov 22, 2025

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS... Unknown Unreviewed

CVE-2025-43374 was published Nov 22, 2025

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which... Low Unreviewed

CVE-2025-11932 was published Nov 22, 2025

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit... Low Unreviewed

CVE-2025-11931 was published Nov 22, 2025

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple... Moderate Unreviewed

CVE-2025-11936 was published Nov 22, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels... Low Unreviewed

CVE-2025-12888 was published Nov 22, 2025

With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS ... Moderate Unreviewed

CVE-2025-11935 was published Nov 22, 2025

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly... Moderate Unreviewed

CVE-2025-0504 was published Nov 22, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

302,621 advisories