GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,223
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,556
Maven 6,026
npm 4,228
NuGet 751
pip 4,001
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,645

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,302 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was reported in the Lenovo LeCloud client application that, under certain... Moderate Unreviewed

CVE-2025-10699 was published Oct 15, 2025

A potential null pointer dereference vulnerability was reported in the Lenovo Power Management... Moderate Unreviewed

CVE-2025-9548 was published Oct 15, 2025

On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are... Moderate Unreviewed

CVE-2025-59268 was published Oct 15, 2025

When an iRule is configured on a virtual server via the declarative API, upon re-instantiation,... Moderate Unreviewed

CVE-2025-54805 was published Oct 15, 2025

On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data... Moderate Unreviewed

CVE-2025-58424 was published Oct 15, 2025

A directory traversal vulnerability exists in TMUI that allows an authenticated attacker to... Moderate Unreviewed

CVE-2025-54755 was published Oct 15, 2025

An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory... Moderate Unreviewed

CVE-2025-60015 was published Oct 15, 2025

When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF... Moderate Unreviewed

CVE-2025-58474 was published Oct 15, 2025

When a user attempts to initialize the rSeries FIPS module using a password with special shell... Moderate Unreviewed

CVE-2025-60013 was published Oct 15, 2025

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could... Moderate Unreviewed

CVE-2025-9640 was published Oct 15, 2025

Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. This vulnerability allows an attacker... Moderate Unreviewed

CVE-2025-10869 was published Oct 15, 2025

The URLYar URL Shortner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10133 was published Oct 15, 2025

The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-10301 was published Oct 15, 2025

The TopBar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-10300 was published Oct 15, 2025

The Rich Snippet Site Report plugin for WordPress is vulnerable to SQL Injection via the 'last'... Moderate Unreviewed

CVE-2025-10310 was published Oct 15, 2025

The Shortcode Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10194 was published Oct 15, 2025

The WP ViewSTL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2025-10135 was published Oct 15, 2025

The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-10486 was published Oct 15, 2025

The Quick Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10140 was published Oct 15, 2025

The WP BookWidgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10139 was published Oct 15, 2025

The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode... Moderate Unreviewed

CVE-2025-10575 was published Oct 15, 2025

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-10312 was published Oct 15, 2025

The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is... Moderate Unreviewed

CVE-2025-10186 was published Oct 15, 2025

The Library Management System plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2025-10303 was published Oct 15, 2025

The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber... Moderate Unreviewed

CVE-2025-10730 was published Oct 15, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

129,302 advisories