Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,758
Maven
5,000+
npm
4,364
NuGet
766
pip
4,132
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

306,555 advisories

Loading
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd.... High Unreviewed
CVE-2025-68459 was published Dec 18, 2025
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory,... Low Unreviewed
CVE-2025-68462 was published Dec 18, 2025
Memory corruption while handling concurrent memory mapping and unmapping requests from a user... High Unreviewed
CVE-2025-47350 was published Dec 18, 2025
Memory corruption during video playback when video session open fails with time out error. High Unreviewed
CVE-2025-27063 was published Dec 18, 2025
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS... High Unreviewed
CVE-2025-14022 was published Dec 15, 2025
A security flaw has been discovered in itsourcecode Student Management System 1.0. This... Moderate Unreviewed
CVE-2025-14588 was published Dec 13, 2025
A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This... Moderate Unreviewed
CVE-2025-14587 was published Dec 13, 2025
A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0.... Moderate Unreviewed
CVE-2025-14638 was published Dec 14, 2025
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-14584 was published Dec 13, 2025
A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue... Moderate Unreviewed
CVE-2025-14586 was published Dec 13, 2025
The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is... Moderate Unreviewed
CVE-2025-12885 was published Dec 18, 2025
A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function... Moderate Unreviewed
CVE-2025-14841 was published Dec 18, 2025
A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element... Moderate Unreviewed
CVE-2025-14856 was published Dec 18, 2025
A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This... Moderate Unreviewed
CVE-2025-14637 was published Dec 13, 2025
A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted... Moderate Unreviewed
CVE-2025-14644 was published Dec 14, 2025
A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected... Moderate Unreviewed
CVE-2025-14643 was published Dec 14, 2025
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-14585 was published Dec 13, 2025
Dolibarr Application Home Page has HTML injection vulnerability High
CVE-2024-23817 was published for dolibarr/dolibarr (Composer) Apr 18, 2024
saimanikanta1992
Credited to saimanikanta1992
Weaviate OSS has path traversal vulnerability via the Shard Movement API High
CVE-2025-67819 was published for github.com/weaviate/weaviate (Go) Dec 12, 2025
Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip High
CVE-2025-67818 was published for github.com/weaviate/weaviate (Go) Dec 12, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality Moderate
CVE-2025-34430 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
Algernon Cross-Site Scripting vulnerability Moderate
CVE-2025-65754 was published for github.com/xyproto/algernon (Go) Dec 10, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality High
CVE-2025-34410 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
Zitadel Discloses the Total Number of Instance Users Moderate
CVE-2025-67717 was published for github.com/zitadel/zitadel (Go) Dec 10, 2025
IAM-marco livio-a
Credited to IAM-marco and livio-a
Gogs vulnerable to a bypass of CVE-2024-55947 High
CVE-2025-8110 was published for gogs.io/gogs (Go) Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database