Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

145,508 advisories

Loading
A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects... Moderate Unreviewed
CVE-2025-7748 was published Jul 17, 2025
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely... Moderate Unreviewed
CVE-2025-51497 was published Jul 17, 2025
Netwrix Directory Manager through 2025-05-01 allows XSS. Moderate Unreviewed
CVE-2025-47189 was published Jul 17, 2025
Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an... Moderate Unreviewed
CVE-2025-5346 was published Jul 17, 2025
Bluebird devices contain a pre-loaded file manager application. This application exposes an... Moderate Unreviewed
CVE-2025-5345 was published Jul 17, 2025
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The... Moderate Unreviewed
CVE-2025-40924 was published Jul 17, 2025
Grafana's insecure DingDing Alert integration exposes sensitive information Moderate
CVE-2025-3415 was published for github.com/grafana/grafana (Go) Jul 17, 2025
The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2... Moderate Unreviewed
CVE-2025-4302 was published Jul 17, 2025
A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this... Moderate Unreviewed
CVE-2025-7729 was published Jul 17, 2025
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. Affected is... Moderate Unreviewed
CVE-2025-7728 was published Jul 17, 2025
Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( ... Moderate Unreviewed
CVE-2025-6982 was published Jul 16, 2025
A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to... Moderate Unreviewed
CVE-2025-6983 was published Jul 16, 2025
vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes Moderate
CVE-2025-53892 was published for @intlify/core (npm) Jul 16, 2025
luoingly
Credited to luoingly
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could... Moderate Unreviewed
CVE-2025-20288 was published Jul 16, 2025
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved... Moderate Unreviewed
CVE-2025-20272 was published Jul 16, 2025
A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow... Moderate Unreviewed
CVE-2025-20285 was published Jul 16, 2025
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated,... Moderate Unreviewed
CVE-2025-20283 was published Jul 16, 2025
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could... Moderate Unreviewed
CVE-2025-20274 was published Jul 16, 2025
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated,... Moderate Unreviewed
CVE-2025-20284 was published Jul 16, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-46959 was published Jul 16, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-47053 was published Jul 16, 2025
Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged... Moderate Unreviewed
CVE-2025-32353 was published Jul 16, 2025
A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This Issue (Data Center) before... Moderate Unreviewed
CVE-2024-42912 was published Jul 16, 2025
Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce... Moderate Unreviewed
CVE-2025-40919 was published Jul 16, 2025
Broken access control in Fortra's GoAnywhere MFT prior to 7.8.1 allows an attacker to create a... Moderate Unreviewed
CVE-2025-3871 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database