Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

126,194 advisories

Loading
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) admin password is stored in... High Unreviewed
CVE-2025-65009 was published Dec 18, 2025
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows... High Unreviewed
CVE-2025-7358 was published Dec 18, 2025
There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a... High Unreviewed
CVE-2025-64465 was published Dec 18, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc... High Unreviewed
CVE-2025-1031 was published Dec 18, 2025
There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when... High Unreviewed
CVE-2025-64461 was published Dec 18, 2025
There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile() when... High Unreviewed
CVE-2025-64464 was published Dec 18, 2025
There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource() when... High Unreviewed
CVE-2025-64463 was published Dec 18, 2025
Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in... High Unreviewed
CVE-2025-63757 was published Dec 18, 2025
Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows... High Unreviewed
CVE-2025-1029 was published Dec 18, 2025
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle() when... High Unreviewed
CVE-2025-64462 was published Dec 18, 2025
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit... High Unreviewed
CVE-2025-1030 was published Dec 18, 2025
Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory... High Unreviewed
CVE-2025-14861 was published Dec 18, 2025
A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to... High Unreviewed
CVE-2025-40892 was published Dec 18, 2025
A path traversal vulnerability was discovered in the Import Arc data archive functionality due to... High Unreviewed
CVE-2025-40898 was published Dec 18, 2025
The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure... High Unreviewed
CVE-2025-14437 was published Dec 18, 2025
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data,... High Unreviewed
CVE-2025-14364 was published Dec 18, 2025
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is... High Unreviewed
CVE-2025-13641 was published Dec 18, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-64377 was published Dec 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64376 was published Dec 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-66118 was published Dec 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-66119 was published Dec 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-6324 was published Dec 18, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-6326 was published Dec 18, 2025
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting... High Unreviewed
CVE-2025-66054 was published Dec 18, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-64373 was published Dec 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database