GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,028 advisories
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands
High | CVE-2025-66623 was published for io.strimzi:strimzi (Maven) on Dec 5, 2025
The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive...
Moderate | Unreviewed | CVE-2025-13006 was published on Dec 5, 2025
The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate | Unreviewed | CVE-2025-13494 was published on Dec 5, 2025
The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be...
High | Unreviewed | CVE-2025-10285 was published on Dec 5, 2025
ComposioHQ has a directory traversal vulnerability
Moderate | CVE-2025-56427 was published for composio (pip) on Dec 4, 2025
libcrux incorrectly calculates on aarch64
High | GHSA-2cgv-28vr-rv6j was published for libcrux-intrinsics (Rust) on Dec 4, 2025
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are...
Critical | Unreviewed | CVE-2025-54304 was published on Dec 4, 2025
Ansible Community General Collection is vulnerable to exposure of sensitive information
Moderate | CVE-2025-14010 was published for ansible (pip) on Dec 4, 2025
The WebP Express plugin for WordPress is vulnerable to information exposure via config files in...
Moderate | Unreviewed | CVE-2025-11379 was published on Dec 4, 2025
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58,...
Moderate | Unreviewed | CVE-2025-20383 was published on Dec 3, 2025
The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information...
Moderate | Unreviewed | CVE-2025-12585 was published on Dec 3, 2025
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an...
Moderate | Unreviewed | CVE-2025-41015 was published on Dec 2, 2025
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an...
Moderate | Unreviewed | CVE-2025-41014 was published on Dec 2, 2025
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated...
Moderate | Unreviewed | CVE-2025-41066 was published on Dec 2, 2025
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up...
Moderate | Unreviewed | CVE-2025-13696 was published on Dec 2, 2025
Grav Exposes Password Hashes Leading to privilege escalation
Moderate | CVE-2025-66304 was published for getgrav/grav (Composer) on Dec 2, 2025
In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there...
Moderate | Unreviewed | CVE-2025-13653 was published on Dec 1, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU...
Moderate | Unreviewed | CVE-2025-2879 was published on Dec 1, 2025
NutzBoot vulnerable to information disclosure
Low | CVE-2025-13804 was published for org.nutz:nutzboot-parent (Maven) on Dec 1, 2025
A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5...
Moderate | Unreviewed | CVE-2025-13785 was published on Nov 30, 2025
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on...
Moderate | Unreviewed | CVE-2025-13683 was published on Nov 28, 2025
Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation...
Moderate | Unreviewed | CVE-2025-58305 was published on Nov 28, 2025
Permission control vulnerability in the file management module. Impact: Successful exploitation...
Moderate | Unreviewed | CVE-2025-64312 was published on Nov 28, 2025
Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2025-64311 was published on Nov 28, 2025
Exposure of email service credentials to users without administrative rights in Devolutions...
Moderate | Unreviewed | CVE-2025-13765 was published on Nov 27, 2025
ProTip! Advisories are also available from the GraphQL API