GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
301,021 advisories
ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header
Severity: High. CVE-2025-57808 was published for esphome (pip) on Sep 2, 2025.

Local Deep Research's API keys are stored in plain text
Severity: Moderate. CVE-2025-57806 was published for local-deep-research (pip) on Sep 2, 2025.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Severity: Moderate (Unreviewed). CVE-2024-12974 was published on Sep 2, 2025.

Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows...
Severity: Moderate (Unreviewed). CVE-2025-0670 was published on Sep 2, 2025.

Undertow MadeYouReset HTTP/2 DDoS Vulnerability
Severity: High. CVE-2025-9784 was published for io.undertow:undertow-core (Maven) on Sep 2, 2025.

A vulnerability was found in Campcodes Farm Management System 1.0. This affects an unknown part...
Severity: Moderate (Unreviewed). CVE-2025-9811 was published on Sep 2, 2025.

A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2...
Severity: Moderate (Unreviewed). CVE-2025-9796 was published on Sep 2, 2025.

A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element...
Severity: High (Unreviewed). CVE-2025-9815 was published on Sep 2, 2025.

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. Impacted...
Severity: Moderate (Unreviewed). CVE-2025-9814 was published on Sep 2, 2025.

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
Severity: High (Unreviewed). CVE-2025-2413 was published on Sep 2, 2025.

Silverpeas Core Username Enumeration Vulnerability
Severity: Moderate. CVE-2025-46047 was published for org.silverpeas.core:silverpeas-core (Maven) on Sep 2, 2025.

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the...
Severity: Moderate (Unreviewed). CVE-2025-50755 was published on Sep 2, 2025.

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the...
Severity: Moderate (Unreviewed). CVE-2025-50757 was published on Sep 2, 2025.

A security flaw has been discovered in SourceCodester Hotel Reservation System 1.0. This affects...
Severity: Moderate (Unreviewed). CVE-2025-9790 was published on Sep 2, 2025.

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. This...
Severity: Moderate (Unreviewed). CVE-2025-9792 was published on Sep 2, 2025.

A vulnerability was detected in itsourcecode Apartment Management System 1.0. Impacted is an...
Severity: Moderate (Unreviewed). CVE-2025-9793 was published on Sep 2, 2025.

A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the...
Severity: Moderate (Unreviewed). CVE-2025-9795 was published on Sep 2, 2025.

A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element...
Severity: Moderate (Unreviewed). CVE-2025-9794 was published on Sep 2, 2025.

Wavlink AC1200 with firmware versions M32A3_V1410_230602 and M32A3_V1410_240222 are vulnerable to...
Severity: Moderate (Unreviewed). CVE-2024-48705 was published on Sep 2, 2025.

PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference ...
Severity: Moderate (Unreviewed). CVE-2025-56254 was published on Sep 2, 2025.

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path.
Severity: Critical (Unreviewed). CVE-2025-57140 was published on Sep 2, 2025.

In geniezone, there is a possible memory corruption due to use after free. This could lead to...
Severity: Moderate (Unreviewed). CVE-2025-20707 was published on Sep 2, 2025.

In monitor_hang, there is a possible memory corruption due to use after free. This could lead to...
Severity: High (Unreviewed). CVE-2025-20705 was published on Sep 2, 2025.

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead...
Severity: High (Unreviewed). CVE-2025-20704 was published on Sep 2, 2025.

In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could...
Severity: High (Unreviewed). CVE-2025-20703 was published on Sep 2, 2025.

ProTip! Advisories are also available from the GraphQL API.