GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,802
Composer 4,866
Erlang 36
GitHub Actions 36
Go 2,492
Maven 5,918
npm 4,114
NuGet 735
pip 3,938
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,894

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

137,053 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file ... Moderate Unreviewed

CVE-2025-9715 was published Sep 10, 2025

A flaw has been found in O2OA up to 10.0-410. Affected is an unknown function of the file ... Moderate Unreviewed

CVE-2025-9681 was published Sep 10, 2025

A vulnerability was detected in O2OA up to 10.0-410. This impacts an unknown function of the file... Moderate Unreviewed

CVE-2025-9680 was published Sep 10, 2025

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon... Moderate Unreviewed

CVE-2025-10227 was published Sep 10, 2025

Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One 2.0.2... Moderate Unreviewed

CVE-2025-10224 was published Sep 10, 2025

A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected... Moderate Unreviewed

CVE-2025-9695 was published Sep 10, 2025

A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this... Moderate Unreviewed

CVE-2025-9694 was published Sep 10, 2025

Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in... Moderate Unreviewed

CVE-2025-10221 was published Sep 10, 2025

Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump... Moderate Unreviewed

CVE-2025-10222 was published Sep 10, 2025

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to... Moderate Unreviewed

CVE-2025-10223 was published Sep 10, 2025

Reflected Cross-Site Scripting (XSS) vulnerability in Azon Dominator. This vulnerability allows... Moderate Unreviewed

CVE-2025-40725 was published Sep 10, 2025

The Heateor Login – Social Login Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-9857 was published Sep 10, 2025

It is possible to bypass the administrator login screen on SolaX Cloud. An attacker could use... Moderate Unreviewed

CVE-2025-36757 was published Sep 10, 2025

The Maspik plugin for WordPress is vulnerable to Missing Authorization in version 2.5.6 and prior... Moderate Unreviewed

CVE-2025-9979 was published Sep 10, 2025

The PagBank / PagSeguro Connect para WooCommerce plugin for WordPress is vulnerable to SQL... Moderate Unreviewed

CVE-2025-10142 was published Sep 10, 2025

The Auto Save Remote Images (Drafts) plugin for WordPress is vulnerable to Server-Side Request... Moderate Unreviewed

CVE-2025-7843 was published Sep 10, 2025

The Testimonial plugin for WordPress is vulnerable to SQL Injection via the 'iNICtestimonial'... Moderate Unreviewed

CVE-2025-7826 was published Sep 10, 2025

The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-9367 was published Sep 10, 2025

It is possible to bypass the clipping level of authentication attempts in SolaX Cloud through the... Moderate Unreviewed

CVE-2025-36758 was published Sep 10, 2025

A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX... Moderate Unreviewed

CVE-2025-36756 was published Sep 10, 2025

The Maspik – Ultimate Spam Protection plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9888 was published Sep 10, 2025

The MyBrain Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10126 was published Sep 10, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2025-8778 was published Sep 10, 2025

The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net... Moderate Unreviewed

CVE-2025-9463 was published Sep 10, 2025

The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed

CVE-2025-6189 was published Sep 10, 2025

Previous 12…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

137,053 advisories