Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

145,500 advisories

Loading
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0... Moderate Unreviewed
CVE-2025-33014 was published Jul 18, 2025
melange's world-writable permissions expose SBOM files to potential image tampering Moderate
CVE-2025-54059 was published for chainguard.dev/melange (Go) Jul 18, 2025
markusboehme egibs
codyharris-h2o-ai stevebeattie eslerm
Credited to markusboehme, egibs, codyharris-h2o-ai, stevebeattie, and eslerm
Incorrect access control in the dynawebservice component of agorum Software GmbH Agorum core open... Moderate Unreviewed
CVE-2025-52168 was published Jul 18, 2025
A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this... Moderate Unreviewed
CVE-2025-7797 was published Jul 18, 2025
Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows... Moderate Unreviewed
CVE-2025-52166 was published Jul 18, 2025
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data... Moderate Unreviewed
CVE-2025-45157 was published Jul 18, 2025
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Moderate Unreviewed
CVE-2025-50586 was published Jul 18, 2025
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for... Moderate Unreviewed
CVE-2025-45156 was published Jul 18, 2025
agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML... Moderate Unreviewed
CVE-2025-52162 was published Jul 18, 2025
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been... Moderate Unreviewed
CVE-2025-7791 was published Jul 18, 2025
A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected... Moderate Unreviewed
CVE-2025-7789 was published Jul 18, 2025
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges... Moderate Unreviewed
CVE-2025-47995 was published Jul 18, 2025
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical.... Moderate Unreviewed
CVE-2025-7788 was published Jul 18, 2025
An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of... Moderate Unreviewed
CVE-2025-46000 was published Jul 18, 2025
Duplicate Advisory: Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled) Moderate
GHSA-83j7-mhw9-388w was published for org.keycloak:keycloak-services (Maven) Jul 18, 2025 withdrawn
Filemanager is vulnerable to Relative Path Traversal through filemanager.php Moderate
CVE-2025-46002 was published for simogeo/filemanager (Composer) Jul 18, 2025
A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10.... Moderate Unreviewed
CVE-2025-7786 was published Jul 18, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER... Moderate Unreviewed
CVE-2024-13175 was published Jul 18, 2025
A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This... Moderate Unreviewed
CVE-2025-7785 was published Jul 18, 2025
A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joomla was discovered. The... Moderate Unreviewed
CVE-2025-50126 was published Jul 18, 2025
A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered.... Moderate Unreviewed
CVE-2025-50056 was published Jul 18, 2025
A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 Joomla was discovered. The... Moderate Unreviewed
CVE-2025-50058 was published Jul 18, 2025
A DOS vulnerability in RSFiles! component 1.16.3-1.17.7 Joomla was discovered. The issue allows... Moderate Unreviewed
CVE-2025-50057 was published Jul 18, 2025
Mattermost Path Traversal vulnerability Moderate
CVE-2025-6233 was published for github.com/mattermost/mattermost-server (Go) Jul 18, 2025
Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use... Moderate Unreviewed
CVE-2025-2425 was published Jul 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database