GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,436 advisories
Improper input validation in firmware of some Solidigm DC Products may allow an attacker with...
Moderate | Unreviewed | CVE-2025-9195 was published Aug 28, 2025

O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the...
High | Unreviewed | CVE-2024-37777 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution...
Critical | Unreviewed | CVE-2025-34161 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution...
Critical | Unreviewed | CVE-2025-34159 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS)...
Critical | Unreviewed | CVE-2025-34157 was published Aug 27, 2025

Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc...
High | Unreviewed | CVE-2025-52451 was published Aug 22, 2025

An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system...
High | Unreviewed | CVE-2025-50674 was published Aug 22, 2025

Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified...
Critical | Unreviewed | CVE-2025-34158 was published Aug 21, 2025

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending...
High | Unreviewed | CVE-2011-10020 was published Aug 20, 2025

IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse...
Moderate | Unreviewed | CVE-2025-36114 was published Aug 20, 2025

A security issue exists due to improper handling of malformed CIP Forward Close packets during...
Critical | Unreviewed | CVE-2025-7693 was published Aug 18, 2025

CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when...
High | Unreviewed | CVE-2025-6625 was published Aug 18, 2025

HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability....
Moderate | Unreviewed | CVE-2025-52620 was published Aug 16, 2025

A vulnerability has been found in the MSoft MFlash application that allows execution of...
Critical | Unreviewed | CVE-2025-9060 was published Aug 15, 2025

The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all...
Moderate | Unreviewed | CVE-2025-7507 was published Aug 15, 2025

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center...
High | Unreviewed | CVE-2025-20148 was published Aug 14, 2025

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection. This...
Critical | Unreviewed | CVE-2025-8876 was published Aug 14, 2025

A security issue exists within Studio 5000 Logix Designer due to unsafe handling of environment...
High | Unreviewed | CVE-2025-7971 was published Aug 14, 2025

A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is...
Moderate | Unreviewed | CVE-2025-8963 was published Aug 14, 2025

Loading arbitrary external URLs through WebView components introduces malicious JS code that can...
High | Unreviewed | CVE-2025-27388 was published Aug 14, 2025

A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local...
High | Unreviewed | CVE-2025-4410 was published Aug 13, 2025

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and...
High | Unreviewed | CVE-2025-4276 was published Aug 13, 2025

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute...
High | Unreviewed | CVE-2025-4277 was published Aug 13, 2025

Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform...
Moderate | Unreviewed | CVE-2025-25005 was published Aug 12, 2025

Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R)...
Moderate | Unreviewed | CVE-2025-27537 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API.