Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

124,386 advisories

Loading
The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to... Moderate Unreviewed
CVE-2025-7694 was published Aug 2, 2025
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-8146 was published Aug 2, 2025
A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0... Moderate Unreviewed
CVE-2013-10063 was published Aug 1, 2025
A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500... Moderate Unreviewed
CVE-2013-10062 was published Aug 1, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53715 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53713 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53712 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53714 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53711 was published Jul 29, 2025
A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8224 was published Jul 27, 2025
A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed
CVE-2025-43276 was published Jul 30, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed
CVE-2025-46018 was published Aug 1, 2025
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to... Moderate Unreviewed
CVE-2025-2713 was published Mar 28, 2025
A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP... Moderate Unreviewed
CVE-2025-50868 was published Aug 1, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting.... Moderate Unreviewed
CVE-2025-33118 was published Aug 1, 2025
A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of... Moderate Unreviewed
CVE-2025-50869 was published Aug 1, 2025
Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2025-8473 was published Aug 1, 2025
Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This... Moderate Unreviewed
CVE-2025-8474 was published Aug 1, 2025
A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0... Moderate Unreviewed
CVE-2025-45778 was published Aug 1, 2025
An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated... Moderate Unreviewed
CVE-2025-3277 was published Apr 14, 2025
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of... Moderate Unreviewed
CVE-2021-1440 was published Nov 18, 2024
The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before... Moderate Unreviewed
CVE-2025-5921 was published Aug 1, 2025
The Sina Extension for Elementor (Header Builder, Footer Builter, Theme Builder, Slider, Gallery,... Moderate Unreviewed
CVE-2025-6228 was published Aug 1, 2025
The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids,... Moderate Unreviewed
CVE-2025-4684 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database