GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,266
Composer 5,116
Erlang 40
GitHub Actions 38
Go 2,796
Maven 6,188
npm 4,410
NuGet 772
pip 4,181
Pub 12
RubyGems 965
Rust 1,078
Swift 45

Unreviewed advisories

All unreviewed 284,742

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

147,247 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Gutenverse Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2025-14984 was published Jan 8, 2026

A vulnerability was identified in code-projects Intern Membership Management System 1.0. Affected... Moderate Unreviewed

CVE-2026-0701 was published Jan 8, 2026

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Affected... Moderate Unreviewed

CVE-2026-0700 was published Jan 8, 2026

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-13679 was published Jan 8, 2026

A vulnerability was found in code-projects Intern Membership Management System 1.0. This impacts... Moderate Unreviewed

CVE-2026-0699 was published Jan 8, 2026

A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive... Moderate Unreviewed

CVE-2026-0707 was published Jan 8, 2026

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This... Moderate Unreviewed

CVE-2026-0698 was published Jan 8, 2026

A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted... Moderate Unreviewed

CVE-2026-0697 was published Jan 8, 2026

The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in... Moderate Unreviewed

CVE-2019-25295 was published Jan 8, 2026

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all... Moderate Unreviewed

CVE-2025-14275 was published Jan 8, 2026

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager... Moderate Unreviewed

CVE-2025-12640 was published Jan 8, 2026

Smartliving SmartLAN/G/SI <=6.x contains an unauthenticated server-side request forgery... Moderate Unreviewed

CVE-2019-25290 was published Jan 8, 2026

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android... Moderate Unreviewed

CVE-2025-62224 was published Jan 8, 2026

A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is... Moderate Unreviewed

CVE-2023-7333 was published Jan 8, 2026

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that... Moderate Unreviewed

CVE-2019-25279 was published Jan 8, 2026

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting... Moderate Unreviewed

CVE-2019-25284 was published Jan 8, 2026

Yahei-PHP Prober 0.4.7 contains a remote HTML injection vulnerability that allows attackers to... Moderate Unreviewed

CVE-2019-25280 was published Jan 8, 2026

V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that... Moderate Unreviewed

CVE-2019-25282 was published Jan 8, 2026

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery... Moderate Unreviewed

CVE-2019-25259 was published Jan 8, 2026

FaceSentry Access Control System 6.4.8 contains a cross-site scripting vulnerability in the 'msg'... Moderate Unreviewed

CVE-2019-25277 was published Jan 8, 2026

SOCA Access Control System 180612 contains a cross-site scripting vulnerability in the 'senddata'... Moderate Unreviewed

CVE-2019-25270 was published Jan 8, 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2026-0670 was published Jan 7, 2026

Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker... Moderate Unreviewed

CVE-2026-22187 was published Jan 7, 2026

Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service... Moderate Unreviewed

CVE-2026-22188 was published Jan 7, 2026

Bio-Formats versions up to and including 8.3.0 contain an XML External Entity (XXE) vulnerability... Moderate Unreviewed

CVE-2026-22186 was published Jan 7, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

147,247 advisories