Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,370 advisories

Loading
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-11161 was published Oct 15, 2025
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-11160 was published Oct 15, 2025
A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with... Moderate Unreviewed
CVE-2025-31702 was published Oct 15, 2025
The Ova Advent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-8561 was published Oct 15, 2025
The Quick Featured Images plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2025-11176 was published Oct 15, 2025
The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode... Moderate Unreviewed
CVE-2025-10406 was published Oct 15, 2025
Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow... Moderate Unreviewed
CVE-2025-54278 was published Oct 15, 2025
Animate versions 23.0.13, 24.0.10 and earlier are affected by an out-of-bounds read vulnerability... Moderate Unreviewed
CVE-2025-54269 was published Oct 15, 2025
Animate versions 23.0.13, 24.0.10 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2025-54270 was published Oct 15, 2025
Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting ... Moderate Unreviewed
CVE-2025-61797 was published Oct 15, 2025
Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting ... Moderate Unreviewed
CVE-2025-54272 was published Oct 15, 2025
Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting ... Moderate Unreviewed
CVE-2025-61796 was published Oct 15, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54266 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54267 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54265 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54277 was published Oct 14, 2025
Stored Cross-Site Scripting (XSS) in Perfex CRM chatbot before 3.3.1 allows attackers to inject... Moderate Unreviewed
CVE-2025-60374 was published Oct 14, 2025
karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF). Moderate Unreviewed
CVE-2025-60540 was published Oct 14, 2025
NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of... Moderate Unreviewed
CVE-2025-33177 was published Oct 14, 2025
Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write... Moderate Unreviewed
CVE-2025-54275 was published Oct 14, 2025
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when... Moderate Unreviewed
CVE-2022-49048 was published Oct 14, 2025
In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed... Moderate Unreviewed
CVE-2022-49052 was published Oct 14, 2025
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus:... Moderate Unreviewed
CVE-2022-49054 was published Oct 14, 2025
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in... Moderate Unreviewed
CVE-2022-49064 was published Oct 14, 2025
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virt_addr_valid... Moderate Unreviewed
CVE-2022-49067 was published Oct 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database