GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,513
Composer 4,830
Erlang 36
GitHub Actions 33
Go 2,449
Maven 5,849
npm 4,066
NuGet 723
pip 3,868
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,193

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

9,757 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed

CVE-2025-7654 was published Aug 19, 2025

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12575 was published Aug 16, 2025

This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3... Moderate Unreviewed

CVE-2025-43201 was published Aug 16, 2025

There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of... Moderate Unreviewed

CVE-2025-26709 was published Aug 15, 2025

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less... Moderate Unreviewed

CVE-2025-8091 was published Aug 15, 2025

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the... Moderate Unreviewed

CVE-2025-9005 was published Aug 15, 2025

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2025-8676 was published Aug 15, 2025

The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its... Moderate Unreviewed

CVE-2025-50862 was published Aug 14, 2025

Information Disclosure in Amazon ECS Container Agent Moderate

CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025

A security issue in the runtime event system allows unauthenticated connections to receive a... High Unreviewed

CVE-2025-9036 was published Aug 14, 2025

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid... Critical Unreviewed

CVE-2025-27845 was published Aug 14, 2025

Apache Superset data query improperly discloses database schema information to low-privileged guest user Moderate

CVE-2025-55673 was published for apache-superset (pip) Aug 14, 2025

An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service... Critical Unreviewed

CVE-2025-43986 was published Aug 13, 2025

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi),... High Unreviewed

CVE-2025-43988 was published Aug 13, 2025

Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an... High Unreviewed

CVE-2025-53781 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises... Moderate Unreviewed

CVE-2025-53728 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an... Moderate Unreviewed

CVE-2025-53136 was published Aug 12, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed

CVE-2025-53134 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an... Moderate Unreviewed

CVE-2025-53156 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed

CVE-2025-50154 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an... High Unreviewed

CVE-2025-33051 was published Aug 12, 2025

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed

CVE-2025-27707 was published Aug 12, 2025

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to... High Unreviewed

CVE-2025-3831 was published Aug 12, 2025

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed

CVE-2025-40768 was published Aug 12, 2025

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed

CVE-2025-4390 was published Aug 12, 2025

Previous 1 2 3 4 5 … 390 391 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,757 advisories