GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,897

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

277,897 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Booking Calendar Contact Form plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed

CVE-2025-13318 was published Nov 22, 2025

The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment... Moderate Unreviewed

CVE-2025-12752 was published Nov 22, 2025

The GSheetConnector For Ninja Forms plugin for WordPress is vulnerable to unauthorized access of... Moderate Unreviewed

CVE-2025-13136 was published Nov 22, 2025

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... Moderate Unreviewed

CVE-2025-12877 was published Nov 22, 2025

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Missing Authorization in... High Unreviewed

CVE-2025-13384 was published Nov 22, 2025

The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed

CVE-2025-13317 was published Nov 22, 2025

The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-11186 was published Nov 22, 2025

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is... Low Unreviewed

CVE-2025-12889 was published Nov 22, 2025

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on... Low Unreviewed

CVE-2025-11933 was published Nov 22, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation.... Unknown Unreviewed

CVE-2025-31248 was published Nov 22, 2025

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS... Unknown Unreviewed

CVE-2025-43374 was published Nov 22, 2025

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which... Low Unreviewed

CVE-2025-11932 was published Nov 22, 2025

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit... Low Unreviewed

CVE-2025-11931 was published Nov 22, 2025

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple... Moderate Unreviewed

CVE-2025-11936 was published Nov 22, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels... Low Unreviewed

CVE-2025-12888 was published Nov 22, 2025

A spoofing issue was addressed with improved truncation when displaying the fully qualified... Unknown Unreviewed

CVE-2025-31266 was published Nov 22, 2025

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Unknown Unreviewed

CVE-2025-12678 was published Nov 22, 2025

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in... Low Unreviewed

CVE-2025-11934 was published Nov 22, 2025

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and... Unknown Unreviewed

CVE-2025-31216 was published Nov 22, 2025

With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS ... Moderate Unreviewed

CVE-2025-11935 was published Nov 22, 2025

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly... Moderate Unreviewed

CVE-2025-0504 was published Nov 22, 2025

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking... Moderate Unreviewed

CVE-2025-36149 was published Nov 21, 2025

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File... High Unreviewed

CVE-2025-11087 was published Nov 21, 2025

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on... Moderate Unreviewed

CVE-2025-13524 was published Nov 21, 2025

A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest... Moderate Unreviewed

CVE-2025-29934 was published Nov 21, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

277,897 advisories