GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,816
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,920
npm 4,119
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,903

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

137,070 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Maspik – Ultimate Spam Protection plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9888 was published Sep 10, 2025

The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed

CVE-2025-6189 was published Sep 10, 2025

The MyBrain Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10126 was published Sep 10, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2025-8778 was published Sep 10, 2025

The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net... Moderate Unreviewed

CVE-2025-9463 was published Sep 10, 2025

The WP Blast | SEO & Performance Booster plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9622 was published Sep 10, 2025

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle... Moderate Unreviewed

CVE-2025-10095 was published Sep 9, 2025

The PowerPack Elementor Addons (Free Widgets, Extensions and Templates) plugin for WordPress is... Moderate Unreviewed

CVE-2025-8388 was published Sep 10, 2025

A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function... Moderate Unreviewed

CVE-2025-10195 was published Sep 10, 2025

A vulnerability was found in HJSoft HCM Human Resources Management System up to 20250822.... Moderate Unreviewed

CVE-2025-10197 was published Sep 10, 2025

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'... Moderate Unreviewed

CVE-2025-9997 was published Sep 10, 2025

Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a... Moderate Unreviewed

CVE-2025-49458 was published Sep 10, 2025

Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to... Moderate Unreviewed

CVE-2025-49461 was published Sep 10, 2025

Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated... Moderate Unreviewed

CVE-2025-49460 was published Sep 10, 2025

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon... Moderate Unreviewed

CVE-2025-58131 was published Sep 10, 2025

Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated... Moderate Unreviewed

CVE-2025-58134 was published Sep 10, 2025

Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an... Moderate Unreviewed

CVE-2025-58135 was published Sep 10, 2025

The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of... Moderate Unreviewed

CVE-2025-9111 was published Sep 9, 2025

In pfSense CE /suricata/suricata_ip_reputation.php, the value of the iplist parameter is not... Moderate Unreviewed

CVE-2025-34176 was published Sep 9, 2025

In pfSense CE /suricata/suricata_flow_stream.php, the value of the policy_name parameter is not... Moderate Unreviewed

CVE-2025-34177 was published Sep 9, 2025

Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT (Quantenna SoC... Moderate Unreviewed

CVE-2025-54083 was published Sep 9, 2025

In pfSense CE /suricata/suricata_app_parsers.php, the value of the policy_name parameter is not... Moderate Unreviewed

CVE-2025-34178 was published Sep 9, 2025

After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read... Moderate Unreviewed

CVE-2025-54241 was published Sep 9, 2025

After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read... Moderate Unreviewed

CVE-2025-54240 was published Sep 9, 2025

After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read... Moderate Unreviewed

CVE-2025-54239 was published Sep 9, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

137,070 advisories