Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,090 advisories

Loading
The PopAd plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... Moderate Unreviewed
CVE-2025-9616 was published Sep 4, 2025
N/A Critical Unreviewed
CVE-2025-36904 was published Sep 4, 2025
There is a possible escalation of privilege due to a logic error in the code. This could lead to... High Unreviewed
CVE-2025-36898 was published Sep 4, 2025
In ReadTachyonCommands of gxp_main_actor.cc, there is a possible information leak due to... Moderate Unreviewed
CVE-2025-36893 was published Sep 4, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-13073 was published Sep 4, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano... High Unreviewed
CVE-2025-2411 was published Sep 4, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-13071 was published Sep 4, 2025
Information disclosure High Unreviewed
CVE-2025-36895 was published Sep 4, 2025
Elevation of privilege High Unreviewed
CVE-2025-36891 was published Sep 4, 2025
Denial of service High Unreviewed
CVE-2025-36892 was published Sep 4, 2025
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing... Critical Unreviewed
CVE-2025-36897 was published Sep 4, 2025
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-56190 was published Sep 4, 2025
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds... High Unreviewed
CVE-2025-36887 was published Sep 4, 2025
In TBD of TBD, there is a possible DoS due to a missing null check. This could lead to remote... High Unreviewed
CVE-2025-36894 was published Sep 4, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat... High Unreviewed
CVE-2025-2417 was published Sep 4, 2025
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to... High Unreviewed
CVE-2024-56189 was published Sep 4, 2025
Elevation of Privilege Critical Unreviewed
CVE-2025-36890 was published Sep 4, 2025
N/A Critical Unreviewed
CVE-2025-36896 was published Sep 4, 2025
DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more Critical
CVE-2025-58367 was published for deepdiff (pip) Sep 3, 2025
diogotcorreia
Credited to diogotcorreia
Mautic Vulnerable to User Enumeration via Response Timing Moderate
CVE-2025-9824 was published for mautic/core (Composer) Sep 3, 2025
Vautia kuzmany
Credited to Vautia and kuzmany
Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add Moderate
CVE-2025-9823 was published for mautic/core (Composer) Sep 3, 2025
nmmorette kuzmany
patrykgruszka
Credited to nmmorette, kuzmany, and patrykgruszka
Mautic vulnerable to secret data extraction via elfinder Moderate
CVE-2025-9822 was published for mautic/core (Composer) Sep 3, 2025
B0D0B0P0T lenonleite
kuzmany
Credited to B0D0B0P0T, lenonleite, and kuzmany
Mautic vulnerable to SSRF via webhook function Low
CVE-2025-9821 was published for mautic/core (Composer) Sep 3, 2025
asesidaa patrykgruszka
kuzmany lukehebe
Credited to asesidaa, patrykgruszka, kuzmany, and lukehebe
Hono's flaw in URL path parsing could cause path confusion High
CVE-2025-58362 was published for hono (npm) Sep 3, 2025
mwlik imenyoo2
Credited to mwlik and imenyoo2
frost-core: refresh shares with smaller min_signers will reduce security of group Moderate
CVE-2025-58359 was published for frost-core (Rust) Sep 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database