GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
301,090 advisories

There is a possible escalation of privilege due to test/debugging code left in a production build...
High | Unreviewed | CVE-2025-36899 was published Sep 4, 2025

The Make Connector plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-6085 was published Sep 4, 2025

The Easy Timer plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,...
High | Unreviewed | CVE-2025-9519 was published Sep 4, 2025

In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write...
High | Unreviewed | CVE-2025-36907 was published Sep 4, 2025

In lwis_test_register_io of lwis_device_test.c, there is a possible OOB Write due to an integer...
Moderate | Unreviewed | CVE-2025-36900 was published Sep 4, 2025

Liferay Portal Vulnerable to Denial of Service in Kaleo Forms Admin
High | CVE-2025-43772 was published for com.liferay:com.liferay.portal.workflow.kaleo.forms.web (Maven) Sep 4, 2025

In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic...
High | Unreviewed | CVE-2025-36905 was published Sep 4, 2025

In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an...
Moderate | Unreviewed | CVE-2025-36908 was published Sep 4, 2025

In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due...
Moderate | Unreviewed | CVE-2025-36902 was published Sep 4, 2025

In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation....
High | Unreviewed | CVE-2025-36903 was published Sep 4, 2025

The atec Debug plugin for WordPress is vulnerable to remote code execution in all versions up to,...
High | Unreviewed | CVE-2025-9517 was published Sep 4, 2025

The atec Debug plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient...
High | Unreviewed | CVE-2025-9518 was published Sep 4, 2025

In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write...
High | Unreviewed | CVE-2025-36906 was published Sep 4, 2025

Langchain Community Vulnerable to XML External Entity (XXE) Attacks
High | CVE-2025-6984 was published for langchain-community (pip) Sep 4, 2025

The atec Debug plugin for WordPress is vulnerable to arbitrary file read in all versions up to,...
Moderate | Unreviewed | CVE-2025-9516 was published Sep 4, 2025

ProTip! Advisories are also available from the GraphQL API.