Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

133,535 advisories

Loading
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a... Moderate Unreviewed
CVE-2025-46406 was published Jul 10, 2025
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could... Moderate Unreviewed
CVE-2025-35983 was published Jul 10, 2025
The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2025-4406 was published Jul 10, 2025
Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader... Moderate Unreviewed
CVE-2025-44003 was published Jul 10, 2025
The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-5807 was published Jul 10, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-6976 was published Jul 10, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-6975 was published Jul 10, 2025
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on... Moderate Unreviewed
CVE-2025-0140 was published Jul 10, 2025
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital... Moderate Unreviewed
CVE-2025-0139 was published Jul 10, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-36599 was published Jul 9, 2025
Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome... Moderate Unreviewed
CVE-2025-52357 was published Jul 9, 2025
evesys 7.1 (2152) through 8.0 (2202) allows Reflected XSS via the indexeva.php action parameter. Moderate Unreviewed
CVE-2021-27961 was published Jul 9, 2025
Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to... Moderate Unreviewed
CVE-2025-44525 was published Jul 9, 2025
Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users Moderate
CVE-2025-53675 was published for org.jenkins-ci.plugins:warrior (Maven) Jul 9, 2025
Jenkins VAddy Plugin vulnerability exposes plaintext keys on its job configuration form Moderate
CVE-2025-53669 was published for org.jenkins-ci.plugins:vaddy-plugin (Maven) Jul 9, 2025
Jenkins Xooa Plugin vulnerability exposes unencrypted tokens to authenticated users Moderate
CVE-2025-53676 was published for io.jenkins.plugins:xooa (Maven) Jul 9, 2025
Jenkins Xooa Plugin vulnerability does not mask its Xooa Deployment Token Moderate
CVE-2025-53677 was published for io.jenkins.plugins:xooa (Maven) Jul 9, 2025
Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users Moderate
CVE-2025-53742 was published for org.jenkins-ci.plugins:pplitools-eyes (Maven) Jul 9, 2025
Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form Moderate
CVE-2025-53743 was published for org.jenkins-ci.plugins:applitools-eyes (Maven) Jul 9, 2025
Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key Moderate
CVE-2025-53655 was published for org.jenkins.plugins.statistics.gatherer:statistics-gatherer (Maven) Jul 9, 2025
Jenkins ReadyAPI Functional Testing Plugin vulnerability exposes secrets Moderate
CVE-2025-53657 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) Jul 9, 2025
Jenkins QMetry Test Management Plugin stores unencrypted API keys Moderate
CVE-2025-53659 was published for org.jenkins-ci.plugins:qmetry-test-management (Maven) Jul 9, 2025
Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens Moderate
CVE-2025-53667 was published for org.jenkins-ci.plugins:deadmanssnitch (Maven) Jul 9, 2025
Jenkins Dead Man's Snitch Plugin vulnerability stores tokens in plain text Moderate
CVE-2025-53666 was published for org.jenkins-ci.plugins:deadmanssnitch (Maven) Jul 9, 2025
Jenkins Kryptowire Plugin vulnerability stores unencrypted Kryptowire API key Moderate
CVE-2025-53672 was published for io.jenkins.plugins:kryptowire (Maven) Jul 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database