Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

144,549 advisories

Loading
A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to... Moderate Unreviewed
CVE-2025-14201 was published Dec 7, 2025
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is... Moderate Unreviewed
CVE-2025-14197 was published Dec 7, 2025
A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to... Moderate Unreviewed
CVE-2025-14200 was published Dec 7, 2025
A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file... Moderate Unreviewed
CVE-2025-14199 was published Dec 7, 2025
A vulnerability was detected in Verysync 微力同步 2.21.3. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-14198 was published Dec 7, 2025
A vulnerability was found in RashminDungrani online-banking up to... Moderate Unreviewed
CVE-2025-14192 was published Dec 7, 2025
A security flaw has been discovered in code-projects Employee Profile Management System 1.0.... Moderate Unreviewed
CVE-2025-14195 was published Dec 7, 2025
A vulnerability was determined in code-projects Employee Profile Management System 1.0. This... Moderate Unreviewed
CVE-2025-14193 was published Dec 7, 2025
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This... Moderate Unreviewed
CVE-2025-14194 was published Dec 7, 2025
A flaw has been found in Chanjet TPlus up to 20251121. Affected by this vulnerability is an... Moderate Unreviewed
CVE-2025-14190 was published Dec 7, 2025
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of... Moderate Unreviewed
CVE-2025-14189 was published Dec 7, 2025
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an... Moderate Unreviewed
CVE-2025-14186 was published Dec 7, 2025
A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function... Moderate Unreviewed
CVE-2025-14184 was published Dec 7, 2025
A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an... Moderate Unreviewed
CVE-2025-14185 was published Dec 7, 2025
A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the... Moderate Unreviewed
CVE-2025-14183 was published Dec 7, 2025
A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability... Moderate Unreviewed
CVE-2025-14182 was published Dec 7, 2025
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Impacted is the function... Moderate Unreviewed
CVE-2025-14139 was published Dec 6, 2025
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin... Moderate Unreviewed
CVE-2025-13748 was published Dec 6, 2025
The TR Timthumb plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode... Moderate Unreviewed
CVE-2025-13899 was published Dec 6, 2025
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `token`... Moderate Unreviewed
CVE-2025-13863 was published Dec 6, 2025
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-13896 was published Dec 6, 2025
The CSV Sumotto plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `... Moderate Unreviewed
CVE-2025-13894 was published Dec 6, 2025
The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-13898 was published Dec 6, 2025
The CSS3 Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2025-13907 was published Dec 6, 2025
A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The... Moderate Unreviewed
CVE-2025-14117 was published Dec 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database