GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,662
Maven: 5,000+
npm: 4,289
NuGet: 760
pip: 4,069
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
27,507 advisories
Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over...
Critical | Unreviewed | CVE-2025-3115 was published Apr 9, 2025

The Holiday class post calendar plugin for WordPress is vulnerable to Remote Code Execution in...
Critical | Unreviewed | CVE-2025-12813 was published Nov 11, 2025

The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2025-11170 was published Nov 11, 2025

The EasyCommerce – AI-Powered, Fast & Beautiful WordPress Ecommerce Plugin plugin for WordPress...
Critical | Unreviewed | CVE-2025-11457 was published Nov 11, 2025

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert...
Critical | Unreviewed | CVE-2025-42887 was published Nov 11, 2025

SQL Anywhere Monitor (Non-GUI) baked credentials into the code, exposing the resources or...
Critical | Unreviewed | CVE-2025-42890 was published Nov 11, 2025

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that...
Critical | Unreviewed | CVE-2021-4462 was published Nov 11, 2025

Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an...
Critical | Unreviewed | CVE-2025-63601 was published Nov 5, 2025

Weak Default Credentials. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12218 was published Oct 25, 2025

Denial of Service Due to SlowLoris. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1...
Critical | Unreviewed | CVE-2025-12601 was published Nov 1, 2025

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure...
Critical | Unreviewed | CVE-2025-64689 was published Nov 10, 2025

Systemic Internal Server Errors - HTTP 500 Response. This issue affects BLU-IC2: through 1.19.5;...
Critical | Unreviewed | CVE-2025-12515 was published Oct 30, 2025

Lack of Graceful Error Handling - HTTP 5xx Error. This issue affects BLU-IC2: through 1.19.5; BLU...
Critical | Unreviewed | CVE-2025-12516 was published Oct 30, 2025

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000). This issue affects BLU-IC2...
Critical | Unreviewed | CVE-2025-12599 was published Nov 1, 2025

Web UI Malfunction when setting unexpected locale via API. This issue affects BLU-IC2: through 1...
Critical | Unreviewed | CVE-2025-12600 was published Nov 1, 2025

Email Server Certificate Verification Disabled. This issue affects BLU-IC2: through 1.19.5; BLU...
Critical | Unreviewed | CVE-2025-12553 was published Oct 31, 2025

Missing Initial Password Change. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12285 was published Oct 26, 2025

Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability. This...
Critical | Unreviewed | CVE-2025-12216 was published Oct 25, 2025

Vulnerable Components in Azure Access OS. This issue affects BLU-IC2: through 1.19.5; BLU-IC4:...
Critical | Unreviewed | CVE-2025-12219 was published Oct 25, 2025

Busybox 1.31.1 - Multiple Known Vulnerabilities. This issue affects BLU-IC2: through 1.19.5; BLU...
Critical | Unreviewed | CVE-2025-12220 was published Oct 25, 2025

Undocumented administrative accounts were getting created to facilitate access for applications...
Critical | Unreviewed | CVE-2025-12176 was published Oct 24, 2025

Weak Password Policy. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12364 was published Oct 27, 2025

Email Password Disclosure. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12363 was published Oct 27, 2025

New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability,...
Critical | Unreviewed | CVE-2025-12868 was published Nov 10, 2025

Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a...
Critical | Unreviewed | CVE-2020-36870 was published Nov 8, 2025
ProTip! Advisories are also available from the GraphQL API.