Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

300,859 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access... Moderate Unreviewed
CVE-2025-58202 was published Aug 27, 2025
Missing Authorization vulnerability in AfterShip & Automizely AfterShip Tracking allows Accessing... Moderate Unreviewed
CVE-2025-58201 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58205 was published Aug 27, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Eric Teubert Podlove Podcast... Moderate Unreviewed
CVE-2025-58204 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58213 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58208 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58212 was published Aug 27, 2025
Kubernetes Nodes can delete themselves by adding an OwnerReference Moderate
CVE-2025-5187 was published for k8s.io/kubernetes (Go) Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58196 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58197 was published Aug 27, 2025
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-58192 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58194 was published Aug 27, 2025
simple-admin-core SQL Injection vulnerability High
CVE-2025-51667 was published for github.com/suyuan32/simple-admin-core (Go) Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58209 was published Aug 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58211 was published Aug 27, 2025
Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-58198 was published Aug 27, 2025
Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting... Moderate Unreviewed
CVE-2025-58193 was published Aug 27, 2025
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an... Moderate Unreviewed
CVE-2025-20344 was published Aug 27, 2025
In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the... Critical Unreviewed
CVE-2025-50428 was published Aug 27, 2025
A template injection vulnerability leading to reflected cross-site scripting (XSS) has been... Moderate Unreviewed
CVE-2025-50977 was published Aug 27, 2025
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution... Critical Unreviewed
CVE-2025-34161 was published Aug 27, 2025
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,... Moderate Unreviewed
CVE-2025-54598 was published Aug 27, 2025
In Gitblit v1.7.1, a reflected cross-site scripting (XSS) vulnerability exists in the way... Moderate Unreviewed
CVE-2025-50978 was published Aug 27, 2025
A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus... Moderate Unreviewed
CVE-2025-20262 was published Aug 27, 2025
Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager... Moderate Unreviewed
CVE-2025-20294 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database