Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

114,413 advisories

Loading
A low privileged remote attacker can upload a new or overwrite an existing python script by using... High Unreviewed
CVE-2025-41736 was published Nov 18, 2025
The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing... High Unreviewed
CVE-2025-12955 was published Nov 18, 2025
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-4212 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed
CVE-2025-41737 was published Nov 18, 2025
A low privileged remote attacker can upload any file to an arbitrary location due to missing file... High Unreviewed
CVE-2025-41735 was published Nov 18, 2025
Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del... High Unreviewed
CVE-2025-41347 was published Nov 18, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use... High Unreviewed
CVE-2025-6670 was published Nov 18, 2025
Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting... High Unreviewed
CVE-2025-10089 was published Nov 18, 2025
The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions... High Unreviewed
CVE-2025-12528 was published Nov 18, 2025
The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2025-11620 was published Nov 18, 2025
The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2025-12411 was published Nov 18, 2025
The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all... High Unreviewed
CVE-2025-12775 was published Nov 18, 2025
The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2025-13088 was published Nov 18, 2025
There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After... High Unreviewed
CVE-2025-8076 was published Nov 18, 2025
There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After... High Unreviewed
CVE-2025-8727 was published Nov 18, 2025
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-12974 was published Nov 18, 2025
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due... High Unreviewed
CVE-2025-48593 was published Nov 18, 2025
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0... High Unreviewed
CVE-2025-8693 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13228 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13230 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13227 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13226 was published Nov 18, 2025
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... High Unreviewed
CVE-2025-13229 was published Nov 18, 2025
A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3... High Unreviewed
CVE-2025-32089 was published Nov 18, 2025
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD... High Unreviewed
CVE-2025-31361 was published Nov 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database