GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,698

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,299 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an... Moderate Unreviewed

CVE-2025-12038 was published Nov 1, 2025

Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP... Moderate Unreviewed

CVE-2025-62275 was published Nov 1, 2025

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability... High Unreviewed

CVE-2025-34273 was published Oct 31, 2025

Nagios Log Server versions prior to 2024R1 contain an incorrect authorization vulnerability.... High Unreviewed

CVE-2023-7322 was published Oct 31, 2025

GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4... Moderate Unreviewed

CVE-2025-11971 was published Oct 27, 2025

The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for... Low Unreviewed

CVE-2025-11888 was published Oct 25, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not... Moderate Unreviewed

CVE-2025-62651 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the... Moderate Unreviewed

CVE-2025-62647 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote... Moderate Unreviewed

CVE-2025-62648 was published Oct 17, 2025

An Incorrect Authorization vulnerability has been identified in Moxa’s network security... High Unreviewed

CVE-2025-6892 was published Oct 17, 2025

An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to... Moderate Unreviewed

CVE-2025-9955 was published Oct 16, 2025

Due to an insufficient access control implementation in multiple WSO2 Products, authentication... Critical Unreviewed

CVE-2025-10611 was published Oct 16, 2025

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed

CVE-2025-54277 was published Oct 14, 2025

SAP S/4HANA (Manage Processing Rules - For Bank Statements) allows an authenticated attacker with... Moderate Unreviewed

CVE-2025-42939 was published Oct 14, 2025

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization... Moderate Unreviewed

CVE-2025-7374 was published Oct 10, 2025

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to... High Unreviewed

CVE-2025-11340 was published Oct 9, 2025

Nagios Log Server before 2024R1.3.2 allows authenticated users (with read-only API access) to... High Unreviewed

CVE-2025-44824 was published Oct 7, 2025

An access control vulnerability was discovered in the CLI functionality due to a specific access... High Unreviewed

CVE-2025-3719 was published Oct 7, 2025

The YoSmart YoLink MQTT broker through 2025-10-02 does not enforce sufficient authorization... Moderate Unreviewed

CVE-2025-59449 was published Oct 6, 2025

The YoSmart YoLink application through 2025-10-02 has session tokens with unexpectedly long... Low Unreviewed

CVE-2025-59451 was published Oct 6, 2025

OpenSupports exposes an endpoint that allows the list of 'supervised users' for any account to be... High Unreviewed

CVE-2025-10696 was published Oct 3, 2025

A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call... Moderate Unreviewed

CVE-2025-49641 was published Oct 3, 2025

A regular Zabbix user can search other users in their user group via Zabbix API by select fields... Low Unreviewed

CVE-2025-27236 was published Oct 3, 2025

Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 were visible to... Low Unreviewed

CVE-2025-11239 was published Oct 2, 2025

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it... High Unreviewed

CVE-2025-41246 was published Sep 29, 2025

Previous1…92 Next

Previous 1 2 3 4 5 … 91 92 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,299 advisories