GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,904
Erlang: 38
GitHub Actions: 38
Go: 2,566
Maven: 5,000+
npm: 4,237
NuGet: 753
pip: 4,001
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
129,418 advisories
Creativeitem Academy LMS up to and including 5.13 uses predictable password reset tokens based on...
Moderate | Unreviewed | CVE-2025-56748 was published Oct 15, 2025
A directory traversal vulnerability exists in TMUI that allows an authenticated attacker to...
Moderate | Unreviewed | CVE-2025-54755 was published Oct 15, 2025
When an iRule is configured on a virtual server via the declarative API, upon re-instantiation,...
Moderate | Unreviewed | CVE-2025-54805 was published Oct 15, 2025
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are...
Moderate | Unreviewed | CVE-2025-59268 was published Oct 15, 2025
On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data...
Moderate | Unreviewed | CVE-2025-58424 was published Oct 15, 2025
When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF...
Moderate | Unreviewed | CVE-2025-58474 was published Oct 15, 2025
When a user attempts to initialize the rSeries FIPS module using a password with special shell...
Moderate | Unreviewed | CVE-2025-60013 was published Oct 15, 2025
An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory...
Moderate | Unreviewed | CVE-2025-60015 was published Oct 15, 2025
Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. This vulnerability allows an attacker...
Moderate | Unreviewed | CVE-2025-10869 was published Oct 15, 2025
A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could...
Moderate | Unreviewed | CVE-2025-9640 was published Oct 15, 2025
The Zip Attachments plugin for WordPress is vulnerable to unauthorized loss of data due to a...
Moderate | Unreviewed | CVE-2025-11692 was published Oct 15, 2025
The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and...
Moderate | Unreviewed | CVE-2025-11728 was published Oct 15, 2025
The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate | Unreviewed | CVE-2025-10486 was published Oct 15, 2025
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-10648 was published Oct 15, 2025
The URLYar URL Shortner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-10133 was published Oct 15, 2025
The WP ViewSTL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate | Unreviewed | CVE-2025-10135 was published Oct 15, 2025
The WP BookWidgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-10139 was published Oct 15, 2025
The Quick Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-10140 was published Oct 15, 2025
The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate | Unreviewed | CVE-2025-10141 was published Oct 15, 2025
The Shortcode Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-10194 was published Oct 15, 2025
The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is...
Moderate | Unreviewed | CVE-2025-10186 was published Oct 15, 2025
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate | Unreviewed | CVE-2025-11701 was published Oct 15, 2025
The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode...
Moderate | Unreviewed | CVE-2025-10575 was published Oct 15, 2025
The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and...
Moderate | Unreviewed | CVE-2025-10682 was published Oct 15, 2025
The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate | Unreviewed | CVE-2025-10301 was published Oct 15, 2025
ProTip! Advisories are also available from the GraphQL API.