GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
301,042 advisories
CVE-2025-63716, Unknown severity, Unreviewed, published Nov 7, 2025: The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF)...
CVE-2025-63714, Unknown severity, Unreviewed, published Nov 7, 2025: Cross-Site Scripting (XSS) vulnerability in SourceCodester User Account Generator 1.0 allows...
CVE-2025-63713, Unknown severity, Unreviewed, published Nov 7, 2025: Cross-Site Scripting (XSS) vulnerability in SourceCodester "MatchMaster" 1.0 allows remote...
CVE-2025-9458, High severity, Unreviewed, published Nov 7, 2025: A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory...
CVE-2025-12873, Moderate severity, Unreviewed, published Nov 7, 2025: A security flaw has been discovered in Campcodes School File Management 1.0. This affects an...
CVE-2025-3222, Critical severity, Unreviewed, published Nov 7, 2025: Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows...
CVE-2025-57698, High severity, published for AstrBot (pip), Nov 7, 2025: AstrBot contains a directory traversal vulnerability
CVE-2025-57712, Moderate severity, Unreviewed, published Nov 7, 2025: A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker...
CVE-2025-58469, Low severity, Unreviewed, published Nov 7, 2025: A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The...
CVE-2025-58464, High severity, Unreviewed, published Nov 7, 2025: A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker...
CVE-2025-58463, Low severity, Unreviewed, published Nov 7, 2025: A relative path traversal vulnerability has been reported to affect Download Station. If a remote...
CVE-2025-58465, Low severity, Unreviewed, published Nov 7, 2025: A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If a...
CVE-2025-63687, Unknown severity, Unreviewed, published Nov 7, 2025: An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in...
CVE-2025-63783, Unknown severity, Unreviewed, published Nov 7, 2025: A Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project...
CVE-2025-63686, Unknown severity, Unreviewed, published Nov 7, 2025: There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit...
CVE-2025-63690, Critical severity, Unreviewed, published Nov 7, 2025: In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz...
CVE-2025-63785, Unknown severity, Unreviewed, published Nov 7, 2025: A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the text editor feature of the...
CVE-2025-63691, Critical severity, Unreviewed, published Nov 7, 2025: In pig-mesh Pig version 3.8.2 and below, within the Token Management function under the System...
CVE-2025-63784, Unknown severity, Unreviewed, published Nov 7, 2025: An Open Redirect vulnerability exists in the OAuth callback handler in file onlook/apps/web...
CVE-2025-63689, Critical severity, Unreviewed, published Nov 7, 2025: Multiple SQL injection vulnerabilities in ycf1998 money-pos system before commit...
CVE-2025-7719, Moderate severity, Unreviewed, published Nov 7, 2025: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
CVE-2025-12862, Moderate severity, Unreviewed, published Nov 7, 2025: A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by...
CVE-2025-47207, Moderate severity, Unreviewed, published Nov 7, 2025: A NULL pointer dereference vulnerability has been reported to affect several product versions. If...
CVE-2025-52425, Critical severity, Unreviewed, published Nov 7, 2025: An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit...
CVE-2025-52865, Low severity, Unreviewed, published Nov 7, 2025: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote...
ProTip! Advisories are also available from the GraphQL API