Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,996 advisories

Loading
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to... Moderate Unreviewed
CVE-2025-8825 was published Aug 11, 2025
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to... Moderate Unreviewed
CVE-2025-8821 was published Aug 11, 2025
A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to... Moderate Unreviewed
CVE-2025-8818 was published Aug 11, 2025
A vulnerability was found in wangzhixuan spring-shiro-training up to... Moderate Unreviewed
CVE-2025-8752 was published Aug 9, 2025
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability High Unreviewed
CVE-2025-53787 was published Aug 7, 2025
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-53774 was published Aug 7, 2025
A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue... Moderate Unreviewed
CVE-2025-8697 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static... Moderate Unreviewed
CVE-2025-54393 was published Aug 7, 2025
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed
CVE-2025-47188 was published Aug 7, 2025
Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api... High Unreviewed
CVE-2025-7769 was published Aug 6, 2025
A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to... Moderate Unreviewed
CVE-2025-8667 was published Aug 6, 2025
A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5.... Moderate Unreviewed
CVE-2025-8665 was published Aug 6, 2025
A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U... Moderate Unreviewed
CVE-2025-45512 was published Aug 5, 2025
A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input... Moderate Unreviewed
CVE-2025-50688 was published Aug 5, 2025
mcp-package-docs vulnerable to command injection in several tools High
CVE-2025-54073 was published for mcp-package-docs (npm) Aug 5, 2025
dellalibera
Credited to dellalibera
@nestjs/devtools-integration: CSRF to Sandbox Escape Allows for RCE against JS Developers Critical
CVE-2025-54782 was published for @nestjs/devtools-integration (npm) Aug 1, 2025
JLLeitschuh
Credited to JLLeitschuh
1Panel agent certificate verification bypass leading to arbitrary command execution High
CVE-2025-54424 was published for github.com/1Panel-dev/1Panel/core (Go) Aug 1, 2025
lizicoco
Credited to lizicoco
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to... Critical Unreviewed
CVE-2025-26063 was published Jul 31, 2025
An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a remote attacker to execute arbitrary... Moderate Unreviewed
CVE-2025-45619 was published Jul 30, 2025
A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows... Moderate Unreviewed
CVE-2025-25691 was published Jul 30, 2025
A PHAR deserialization vulnerability in the _getHeaders function of PrestaShop v8.2.0 allows... Moderate Unreviewed
CVE-2025-25692 was published Jul 30, 2025
Totolink X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-52284 was published Jul 29, 2025
A vulnerability, which was classified as critical, was found in Vaelsys 4.1.0. This affects the... Moderate Unreviewed
CVE-2025-8259 was published Jul 28, 2025
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as... High Unreviewed
CVE-2025-8244 was published Jul 28, 2025
tj-actions/branch-names has a Command Injection Vulnerability Critical
CVE-2025-54416 was published for tj-actions/branch-names (GitHub Actions) Jul 25, 2025
tutasla
Credited to tutasla
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database