GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
110,708 advisories
The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar...
High · Unreviewed · CVE-2026-1074 was published Mar 7, 2026
The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient...
High · Unreviewed · CVE-2025-14675 was published Mar 7, 2026
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to...
High · Unreviewed · CVE-2025-8899 was published Mar 7, 2026
The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
High · Unreviewed · CVE-2026-2020 was published Mar 7, 2026
The Easy PHP Settings plugin for WordPress is vulnerable to PHP Code Injection in all versions up...
High · Unreviewed · CVE-2026-3352 was published Mar 7, 2026
The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all...
High · Unreviewed · CVE-2025-14353 was published Mar 7, 2026
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing...
High · Unreviewed · CVE-2026-25071 was published Mar 7, 2026
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable...
High · Unreviewed · CVE-2026-25072 was published Mar 7, 2026
The WebSocket Application Programming Interface lacks restrictions on the number of...
High · Unreviewed · CVE-2026-20882 was published Mar 6, 2026
The WebSocket Application Programming Interface lacks restrictions on the number of...
High · Unreviewed · CVE-2026-24696 was published Mar 6, 2026
Navtor NavBox exposes sensitive configuration and operational data due to missing authentication...
High · Unreviewed · CVE-2026-2754 was published Mar 6, 2026
An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP...
High · Unreviewed · CVE-2026-2753 was published Mar 6, 2026
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to...
High · Unreviewed · CVE-2018-25199 was published Mar 6, 2026
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access...
High · Unreviewed · CVE-2018-25187 was published Mar 6, 2026
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25181 was published Mar 6, 2026
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25179 was published Mar 6, 2026
DoceboLMS 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25170 was published Mar 6, 2026
Alienor Web Libre 2.0 contains an SQL injection vulnerability that allows unauthenticated...
High · Unreviewed · CVE-2018-25175 was published Mar 6, 2026
Rmedia SMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25173 was published Mar 6, 2026
ServerZilla 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25196 was published Mar 6, 2026
PlayJoom 0.10.1 contains an SQL injection vulnerability that allows unauthenticated attackers to...
High · Unreviewed · CVE-2018-25197 was published Mar 6, 2026
Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows...
High · Unreviewed · CVE-2018-25182 was published Mar 6, 2026
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unauthenticated...
High · Unreviewed · CVE-2018-25188 was published Mar 6, 2026
Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of...
High · Unreviewed · CVE-2018-25189 was published Mar 6, 2026
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute...
High · Unreviewed · CVE-2018-25171 was published Mar 6, 2026
ProTip! Advisories are also available from the GraphQL API.