Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,524 advisories

Loading
A code execution security issue exists in the affected product. An attacker with physical access... High Unreviewed
CVE-2025-9160 was published Sep 9, 2025
A security issue affecting multiple Cisco devices also directly impacts Stratix® 5410, 5700, and... High Unreviewed
CVE-2025-7350 was published Sep 9, 2025
A security issue exists within FactoryTalk Activation Manager. An error in the implementation of... High Unreviewed
CVE-2025-7970 was published Sep 9, 2025
toodee is vulnerable to Heap Buffer Overflow through its DrainCol Destructor High
GHSA-pfp7-vxgr-83pw was published for toodee (Rust) Sep 9, 2025
copyparty: Sharing a single file does not fully restrict access to other files in source folder Moderate
CVE-2025-58753 was published for copyparty (pip) Sep 9, 2025
DuckDB NPM packages 1.3.3 and 1.29.2 briefly compromised with malware High
CVE-2025-59037 was published for @duckdb/duckdb-wasm (npm) Sep 9, 2025
A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly... Low Unreviewed
CVE-2025-8277 was published Sep 9, 2025
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. ... High Unreviewed
CVE-2025-24404 was published Sep 9, 2025
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')... High Unreviewed
CVE-2025-48208 was published Sep 9, 2025
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle... Moderate Unreviewed
CVE-2025-10095 was published Sep 9, 2025
TYPO3 CSV download feature information disclosure Moderate
CVE-2025-59019 was published for typo3/cms-backend (Composer) Sep 9, 2025
TYPO3 backend modules have Broken Access Control Moderate
CVE-2025-59017 was published for typo3/cms-backend (Composer) Sep 9, 2025
TYPO3 Workspaces Module Information Disclosure High
CVE-2025-59018 was published for typo3/cms-workspaces (Composer) Sep 9, 2025
TYPO3 CMS exposes sensitive information in an error message Moderate
CVE-2025-59016 was published for typo3/cms-core (Composer) Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40803 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions... Critical Unreviewed
CVE-2025-40804 was published Sep 9, 2025
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a... High Unreviewed
CVE-2025-41701 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40798 was published Sep 9, 2025
TYPO3 CMS has an open‑redirect vulnerability Moderate
CVE-2025-59013 was published for typo3/cms-core (Composer) Sep 9, 2025
TYPO3 Bookmark Toolbar vulnerable to denial of service Moderate
CVE-2025-59014 was published for typo3/cms-backend (Composer) Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40802 was published Sep 9, 2025
TYPO3 CMS uses insufficient entropy when generating passwords Moderate
CVE-2025-59015 was published for typo3/cms-core (Composer) Sep 9, 2025
A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS... Moderate Unreviewed
CVE-2025-40594 was published Sep 9, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... Moderate Unreviewed
CVE-2025-9542 was published Sep 9, 2025
The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-10134 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database