GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,510
Composer 4,968
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,100
npm 4,255
NuGet 760
pip 4,040
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,728

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

141,608 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11928 was published Nov 1, 2025

The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is... Moderate Unreviewed

CVE-2025-11927 was published Nov 1, 2025

Liferay Portal and DXP do not check permissions of images in a blog entry Moderate

CVE-2025-62275 was published for com.liferay:com.liferay.blogs.item.selector.web (Maven) Nov 1, 2025

The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all... Moderate Unreviewed

CVE-2025-11174 was published Nov 1, 2025

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages... Moderate Unreviewed

CVE-2025-11816 was published Nov 1, 2025

The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11922 was published Nov 1, 2025

Liferay Portal and DXP use an incorrect cache-control header Moderate

CVE-2025-62276 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Nov 1, 2025

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding... Moderate Unreviewed

CVE-2025-12464 was published Nov 1, 2025

Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker... Moderate Unreviewed

CVE-2025-60711 was published Oct 31, 2025

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient... Moderate Unreviewed

CVE-2025-63562 was published Oct 31, 2025

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly... Moderate Unreviewed

CVE-2025-63563 was published Oct 31, 2025

A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability... Moderate Unreviewed

CVE-2025-12547 was published Oct 31, 2025

A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an... Moderate Unreviewed

CVE-2025-12546 was published Oct 31, 2025

Liferay Portal and DXP affected by multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page Moderate

CVE-2025-62267 was published for com.liferay:com.liferay.dynamic.data.mapping.item.selector.web (Maven) Oct 31, 2025

Liferay Portal Vulnerable to Reflected XSS via the selectedLanguageId Parameter Moderate

CVE-2025-62264 was published for com.liferay.portal:release.portal.bom (Maven) Oct 31, 2025

Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Moderate Unreviewed

CVE-2025-12554 was published Oct 31, 2025

Insufficient Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Moderate Unreviewed

CVE-2025-12552 was published Oct 31, 2025

Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized... Moderate Unreviewed

CVE-2025-59501 was published Oct 31, 2025

Ansible does not collect garbage after playbook run Moderate

CVE-2020-25635 was published for ansible (pip) Oct 31, 2025

Nagios XI versions prior to < 2024R1.1 is vulnerable to a cross-site scripting (XSS) when a user... Moderate Unreviewed

CVE-2024-13992 was published Oct 31, 2025

Tampering of the registry entries might have led to preventing the ESET security products from... Moderate Unreviewed

CVE-2025-4952 was published Oct 31, 2025

A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0... Moderate Unreviewed

CVE-2025-61427 was published Oct 31, 2025

The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12521 was published Oct 31, 2025

An XSS issue was discovered in Afterlogic Aurora webmail version 9.8.3 and below. An attacker can... Moderate Unreviewed

CVE-2025-12460 was published Oct 31, 2025

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack,... Moderate Unreviewed

CVE-2025-64387 was published Oct 31, 2025

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

141,608 advisories