Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed
CVE-2025-27212 was published Aug 5, 2025
Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string Moderate
CVE-2024-52279 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) Aug 3, 2025
uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2... High Unreviewed
CVE-2025-54564 was published Aug 1, 2025
A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds... High Unreviewed
CVE-2011-10008 was published Jul 31, 2025
Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation... Moderate Unreviewed
CVE-2025-30480 was published Jul 30, 2025
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed
CVE-2025-50578 was published Jul 30, 2025
The vulnerability was identified in the code developed specifically for Lenovo. Please visit ... Moderate Unreviewed
CVE-2025-4424 was published Jul 30, 2025
This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15... Critical Unreviewed
CVE-2025-43253 was published Jul 30, 2025
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2025-43223 was published Jul 30, 2025
Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed
CVE-2025-43234 was published Jul 30, 2025
An issue existed in the handling of environment variables. This issue was addressed with improved... Moderate Unreviewed
CVE-2025-43195 was published Jul 30, 2025
An input validation issue was addressed with improved memory handling. This issue is fixed in... Critical Unreviewed
CVE-2025-31281 was published Jul 30, 2025
Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student... High Unreviewed
CVE-2025-50489 was published Jul 28, 2025
Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary... High Unreviewed
CVE-2025-50492 was published Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car... High Unreviewed
CVE-2025-50494 was published Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor... High Unreviewed
CVE-2025-50493 was published Jul 28, 2025
Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student... High Unreviewed
CVE-2025-50490 was published Jul 28, 2025
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical.... Moderate Unreviewed
CVE-2025-8266 was published Jul 28, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to... Moderate Unreviewed
CVE-2025-8097 was published Jul 26, 2025
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives.... High Unreviewed
CVE-2014-125119 was published Jul 25, 2025
A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed
CVE-2014-125117 was published Jul 25, 2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling... High Unreviewed
CVE-2014-125114 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API High
CVE-2025-54385 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 25, 2025
FastAPI Guard has a regex bypass High
CVE-2025-54365 was published for fastapi-guard (pip) Jul 23, 2025
dhki rennf93
Credited to dhki and rennf93
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database