GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,611
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,263
NuGet 760
pip 4,058
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 276,969

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

301,580 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. Moderate Unreviewed

CVE-2025-54101 was published Sep 9, 2025

Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to... High Unreviewed

CVE-2025-49692 was published Sep 9, 2025

Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to... High Unreviewed

CVE-2025-53805 was published Sep 9, 2025

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed

CVE-2025-53808 was published Sep 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-47569 was published Sep 9, 2025

Deserialization of Untrusted Data vulnerability in ThemeGoods Photography. This issue affects... Critical Unreviewed

CVE-2025-47579 was published Sep 9, 2025

Generation of error message containing sensitive information in Windows Kernel allows an... Moderate Unreviewed

CVE-2025-53803 was published Sep 9, 2025

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-53802 was published Sep 9, 2025

Missing Authorization vulnerability in awesomesupport Awesome Support. This issue affects Awesome... Moderate Unreviewed

CVE-2025-53340 was published Sep 9, 2025

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed

CVE-2025-53797 was published Sep 9, 2025

Missing Authorization vulnerability in andy_moyle Church Admin. This issue affects Church Admin:... Moderate Unreviewed

CVE-2025-39553 was published Sep 9, 2025

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed

CVE-2025-53804 was published Sep 9, 2025

Server-Side Request Forgery (SSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache. This... Moderate Unreviewed

CVE-2025-47437 was published Sep 9, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in GoodBarber GoodBarber. This... Moderate Unreviewed

CVE-2025-39523 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47694 was published Sep 9, 2025

Missing Authorization vulnerability in Laborator Kalium. This issue affects Kalium: from n/a... Moderate Unreviewed

CVE-2025-53348 was published Sep 9, 2025

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows... High Unreviewed

CVE-2025-49734 was published Sep 9, 2025

Missing Authorization vulnerability in spoddev2021 Spreadconnect. This issue affects... Moderate Unreviewed

CVE-2025-53291 was published Sep 9, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-47695 was published Sep 9, 2025

Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress... High Unreviewed

CVE-2025-48101 was published Sep 9, 2025

Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-53799 was published Sep 9, 2025

Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove Core allows Object... High Unreviewed

CVE-2025-53303 was published Sep 9, 2025

Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player allows Server... High Unreviewed

CVE-2025-49430 was published Sep 9, 2025

Missing Authorization vulnerability in Majestic Support Majestic Support. This issue affects... Moderate Unreviewed

CVE-2025-49860 was published Sep 9, 2025

No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate... High Unreviewed

CVE-2025-53800 was published Sep 9, 2025

Previous 1…368…400 Next

Previous 1 2 … 366 367 368 369 370 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

301,580 advisories