Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

113,464 advisories

Loading
A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function... High Unreviewed
CVE-2025-12595 was published Nov 2, 2025
A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function... High Unreviewed
CVE-2025-12596 was published Nov 2, 2025
IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM... High Unreviewed
CVE-2025-36367 was published Nov 1, 2025
The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2025-12171 was published Nov 1, 2025
The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and... High Unreviewed
CVE-2025-6990 was published Nov 1, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed
CVE-2025-6574 was published Nov 1, 2025
The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Remote Code... High Unreviewed
CVE-2025-10487 was published Nov 1, 2025
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for... High Unreviewed
CVE-2025-11755 was published Nov 1, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed
CVE-2025-5949 was published Nov 1, 2025
The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via event... High Unreviewed
CVE-2025-11995 was published Nov 1, 2025
The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to... High Unreviewed
CVE-2025-11920 was published Nov 1, 2025
When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will... High Unreviewed
CVE-2025-10693 was published Oct 31, 2025
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a... High Unreviewed
CVE-2025-63561 was published Oct 31, 2025
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target... High Unreviewed
CVE-2025-64349 was published Oct 31, 2025
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in... High Unreviewed
CVE-2025-62618 was published Oct 31, 2025
Agno session state overwrites between different sessions/users High
CVE-2025-64168 was published for agno (pip) Oct 31, 2025
JasonLovesDoggo
Credited to JasonLovesDoggo
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63465 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63464 was published Oct 31, 2025
The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way... High Unreviewed
CVE-2025-12507 was published Oct 31, 2025
By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed... High Unreviewed
CVE-2025-12357 was published Oct 31, 2025
When using domain users as BRAIN2 users, communication with Active Directory services is... High Unreviewed
CVE-2025-12508 was published Oct 31, 2025
On a client with an admin user, a Global_Shipping script can be implemented. The script could... High Unreviewed
CVE-2025-12509 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63469 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the... High Unreviewed
CVE-2025-63468 was published Oct 31, 2025
Integer overflow in GameMaker IDE below 2024.14.0 version can lead to can lead to application... High Unreviewed
CVE-2025-12501 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database