GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,767
Maven: 5,000+
npm: 4,374
NuGet: 770
pip: 4,148
Pub: 12
RubyGems: 963
Rust: 1,070
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
135,277 advisories
A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the...
Moderate
Unreviewed
CVE-2025-15088 was published Dec 26, 2025
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for...
Moderate
Unreviewed
CVE-2025-14913 was published Dec 26, 2025
A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the...
Moderate
Unreviewed
CVE-2025-15085 was published Dec 25, 2025
A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function...
Moderate
Unreviewed
CVE-2025-15086 was published Dec 25, 2025
A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the...
Moderate
Unreviewed
CVE-2025-15087 was published Dec 25, 2025
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings...
Moderate
Unreviewed
CVE-2025-68935 was published Dec 25, 2025
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer.
Moderate
Unreviewed
CVE-2025-68936 was published Dec 25, 2025
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the...
Moderate
Unreviewed
CVE-2025-15082 was published Dec 25, 2025
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function...
Moderate
Unreviewed
CVE-2025-15081 was published Dec 25, 2025
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join)...
Moderate
Unreviewed
CVE-2025-49088 was published Dec 25, 2025
Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP...
Moderate
Unreviewed
CVE-2025-66378 was published Dec 25, 2025
A security vulnerability has been detected in itsourcecode Student Management System 1.0. The...
Moderate
Unreviewed
CVE-2025-15077 was published Dec 25, 2025
A weakness has been identified in Tenda CH22 1.0.0.1. Impacted is an unknown function of the file...
Moderate
Unreviewed
CVE-2025-15076 was published Dec 25, 2025
A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element...
Moderate
Unreviewed
CVE-2025-15078 was published Dec 25, 2025
A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This...
Moderate
Unreviewed
CVE-2025-15074 was published Dec 25, 2025
A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue...
Moderate
Unreviewed
CVE-2025-15075 was published Dec 25, 2025
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This...
Moderate
Unreviewed
CVE-2025-15073 was published Dec 25, 2025
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows...
Moderate
Unreviewed
CVE-2019-25254 was published Dec 24, 2025
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management...
Moderate
Unreviewed
CVE-2019-25251 was published Dec 24, 2025
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers...
Moderate
Unreviewed
CVE-2019-25252 was published Dec 24, 2025
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted...
Moderate
Unreviewed
CVE-2025-68915 was published Dec 24, 2025
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is...
Moderate
Unreviewed
CVE-2025-68917 was published Dec 24, 2025
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8...
Moderate
Unreviewed
CVE-2025-68919 was published Dec 24, 2025
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection....
Moderate
Unreviewed
CVE-2025-68914 was published Dec 24, 2025
Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow...
Moderate
Unreviewed
CVE-2019-25244 was published Dec 24, 2025
ProTip! Advisories are also available from the GraphQL API