Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,868
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,118
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,070 advisories

Loading
Improper Access Control vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP... Moderate Unreviewed
CVE-2025-43784 was published Sep 10, 2025
A weakness has been identified in yanyutao0402 ChanCMS up to 3.3.0. Impacted is the function... Moderate Unreviewed
CVE-2025-10210 was published Sep 10, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged... Moderate Unreviewed
CVE-2024-47120 was published Sep 10, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a remote... Moderate Unreviewed
CVE-2024-45669 was published Sep 10, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than... Moderate Unreviewed
CVE-2024-45671 was published Sep 10, 2025
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a... Moderate Unreviewed
CVE-2025-9714 was published Sep 10, 2025
A security vulnerability has been detected in yanyutao0402 ChanCMS 3.3.0. The affected element is... Moderate Unreviewed
CVE-2025-10211 was published Sep 10, 2025
Reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.3.73 through 7.4.3.128,... Moderate Unreviewed
CVE-2025-43783 was published Sep 10, 2025
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some... Moderate Unreviewed
CVE-2025-10209 was published Sep 10, 2025
Infrahub: Deleted and expired API tokens can still authenticate Moderate
CVE-2025-59036 was published for infrahub-server (pip) Sep 10, 2025
fatih-acar
Indico vulnerable to Cross-Site Scripting via LaTeX math code Moderate
CVE-2025-59035 was published for indico (pip) Sep 10, 2025
ThiefMaster
Indico may disclose unauthorized user details access via legacy API Moderate
CVE-2025-59034 was published for indico (pip) Sep 10, 2025
inkz
Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user... Moderate Unreviewed
CVE-2025-8681 was published Sep 10, 2025
Liferay Portal and Liferay DXP vulnerable to Stored Cross-site Scripting Moderate
CVE-2025-43785 was published for com.liferay.portal:release.dxp.bom (Maven) Sep 10, 2025
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose... Moderate Unreviewed
CVE-2025-57573 was published Sep 10, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: ... Moderate Unreviewed
CVE-2025-43886 was published Sep 10, 2025
A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated... Moderate Unreviewed
CVE-2025-20248 was published Sep 10, 2025
A vulnerability in the management interface access control list (ACL) processing feature in Cisco... Moderate Unreviewed
CVE-2025-20159 was published Sep 10, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext... Moderate Unreviewed
CVE-2025-43938 was published Sep 10, 2025
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter... Moderate Unreviewed
CVE-2025-57570 was published Sep 10, 2025
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController. Moderate Unreviewed
CVE-2025-29592 was published Sep 10, 2025
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter... Moderate Unreviewed
CVE-2025-57569 was published Sep 10, 2025
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList... Moderate Unreviewed
CVE-2025-57571 was published Sep 10, 2025
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList... Moderate Unreviewed
CVE-2025-57572 was published Sep 10, 2025
A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is... Moderate Unreviewed
CVE-2025-9847 was published Sep 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database