GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,640
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,061
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
142,599 advisories
TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control...
Moderate | Unreviewed | CVE-2022-4983 was published Nov 13, 2025
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source...
Moderate | Unreviewed | CVE-2025-33119 was published Nov 13, 2025
Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details
Moderate | CVE-2025-64502 was published for parse-server (npm) Nov 13, 2025
A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown...
Moderate | Unreviewed | CVE-2025-13061 was published Nov 12, 2025
An improper default permission vulnerability was reported in Lenovo Dock Manager that, under...
Moderate | Unreviewed | CVE-2025-8421 was published Nov 12, 2025
IBM OpenPages 9.0 and 9.1 is vulnerable to HTTP header injection, caused by improper validation...
Moderate | Unreviewed | CVE-2025-36223 was published Nov 12, 2025
A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function....
Moderate | Unreviewed | CVE-2025-13063 was published Nov 12, 2025
A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This...
Moderate | Unreviewed | CVE-2025-13060 was published Nov 12, 2025
A vulnerability was reported in the Lenovo Scanner pro application during an internal security...
Moderate | Unreviewed | CVE-2025-12047 was published Nov 12, 2025
IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to...
Moderate | Unreviewed | CVE-2025-27368 was published Nov 12, 2025
A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted...
Moderate | Unreviewed | CVE-2025-13059 was published Nov 12, 2025
A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is...
Moderate | Unreviewed | CVE-2025-13058 was published Nov 12, 2025
A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted...
Moderate | Unreviewed | CVE-2025-13057 was published Nov 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of...
Moderate | Unreviewed | CVE-2024-48829 was published Nov 12, 2025
A stored cross-site scripting (XSS) in the Business Line Management module of Xxl-api v1.3.0...
Moderate | Unreviewed | CVE-2025-60646 was published Nov 12, 2025
A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08)....
Moderate | Unreviewed | CVE-2025-63927 was published Nov 12, 2025
Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious...
Moderate | Unreviewed | CVE-2025-25236 was published Nov 12, 2025
N-central < 2025.4 can generate sessionIDs for unauthenticated users. This issue affects N...
Moderate | Unreviewed | CVE-2025-9316 was published Nov 12, 2025
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields.
Moderate | Unreviewed | CVE-2025-59491 was published Nov 12, 2025
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through...
Moderate | Unreviewed | CVE-2025-59089 was published Nov 12, 2025
Cross Site Scripting (XSS) vulnerability in CrushFTP 11.3.6_48. The Web-Based Server has a...
Moderate | Unreviewed | CVE-2025-63419 was published Nov 12, 2025
Cross-site scripting (XSS) vulnerability in the generate report functionality in Rarlab WinRAR 7...
Moderate | Unreviewed | CVE-2025-52331 was published Nov 12, 2025
A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users...
Moderate | Unreviewed | CVE-2025-60645 was published Nov 12, 2025
An Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation...
Moderate | Unreviewed | CVE-2025-62876 was published Nov 12, 2025
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Moderate | Unreviewed | CVE-2025-11566 was published Nov 12, 2025