Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

280,602 advisories

Loading
A vulnerability has been found in fuyang_lipengjun platform 1.0. The impacted element is the... Moderate Unreviewed
CVE-2025-10822 was published Sep 23, 2025
A weakness has been identified in Campcodes Online Learning Management System 1.0. This... Moderate Unreviewed
CVE-2025-10817 was published Sep 23, 2025
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-10816 was published Sep 23, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59587 was published Sep 22, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-59588 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59586 was published Sep 22, 2025
A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an... Moderate Unreviewed
CVE-2025-10812 was published Sep 22, 2025
A vulnerability was found in code-projects Hostel Management System 1.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-10813 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59589 was published Sep 22, 2025
A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the... High Unreviewed
CVE-2025-10815 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59592 was published Sep 22, 2025
Missing Authorization vulnerability in AdvancedCoding wpDiscuz allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-59591 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59585 was published Sep 22, 2025
A restriction bypass vulnerability in is-localhost-ip could allow attackers to perform Server... Moderate Unreviewed
CVE-2025-9960 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59584 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59583 was published Sep 22, 2025
Missing Authorization vulnerability in VW THEMES Ibtana allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-59581 was published Sep 22, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-59582 was published Sep 22, 2025
MagicProject AI version 9.1 is affected by a Cross-Site Scripting (XSS) vulnerability within the... Moderate Unreviewed
CVE-2025-57203 was published Sep 22, 2025
iNiLabs School Express (SMS Express) 6.2 is affected by a Stored Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2025-57205 was published Sep 22, 2025
A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this... Moderate Unreviewed
CVE-2025-10814 was published Sep 22, 2025
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly... Moderate Unreviewed
CVE-2025-47910 was published Sep 22, 2025
Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is affected by a Stored Cross... Moderate Unreviewed
CVE-2025-57204 was published Sep 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-59590 was published Sep 22, 2025
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory... High Unreviewed
CVE-2025-8892 was published Sep 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database