Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

300,994 advisories

Loading
A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue... Moderate Unreviewed
CVE-2025-9674 was published Aug 29, 2025
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected... Moderate Unreviewed
CVE-2025-9677 was published Aug 29, 2025
A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown... Moderate Unreviewed
CVE-2025-9675 was published Aug 29, 2025
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ... Critical Unreviewed
CVE-2024-46484 was published Aug 29, 2025
A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Affected is an unknown... Moderate Unreviewed
CVE-2025-9672 was published Aug 29, 2025
Liferay Portal allows improper access through the expandoTableLocalService Moderate
CVE-2025-43773 was published for com.liferay:com.liferay.portal.workflow.kaleo.runtime.impl (Maven) Aug 29, 2025
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown... Moderate Unreviewed
CVE-2025-9671 was published Aug 29, 2025
A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown... Moderate Unreviewed
CVE-2025-9670 was published Aug 29, 2025
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by... Moderate Unreviewed
CVE-2025-9673 was published Aug 29, 2025
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-56577 was published Aug 29, 2025
Tracing logging user input may result in poisoning logs with ANSI escape sequences Low
CVE-2025-58160 was published for tracing-subscriber (Rust) Aug 29, 2025
zefr0x
Credited to zefr0x
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text High
CVE-2024-52284 was published for github.com/rancher/fleet (Go) Aug 29, 2025
webp crate may expose memory contents when encoding an image Moderate
GHSA-9q78-27f3-2jmh was published for webp (Rust) Aug 29, 2025
github.com/gorilla/csrf improperly validates TrustedOrigins allowing CSRF attacks Moderate
CVE-2025-47909 was published for github.com/gorilla/csrf (Go) Aug 29, 2025
gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm High
CVE-2025-58157 was published for github.com/consensys/gnark (Go) Aug 29, 2025
feltroidprime
Credited to feltroidprime
Eventlet affected by HTTP request smuggling in unparsed trailers Moderate
CVE-2025-58068 was published for eventlet (pip) Aug 29, 2025
sebastianosrt
Credited to sebastianosrt
Google Sign-In for Rails allowed redirect to protocol-relative URI Moderate
CVE-2025-58067 was published for google_sign_in (RubyGems) Aug 29, 2025
DoS Vulnerability in ntpd-rs Moderate
CVE-2025-58066 was published for ntpd-rs (Rust) Aug 29, 2025
A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-9665 was published Aug 29, 2025
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected... Moderate Unreviewed
CVE-2025-9666 was published Aug 29, 2025
The authenticated remote command execution (RCE) vulnerability exists in the Parental Control... High Unreviewed
CVE-2025-9377 was published Aug 29, 2025
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-44033 was published Aug 29, 2025
A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an... High Unreviewed
CVE-2025-52861 was published Aug 29, 2025
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker... Low Unreviewed
CVE-2025-44015 was published Aug 29, 2025
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database