Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,152
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

270,128 advisories

Loading
CISA Thorium does not rate limit requests to send account verification email messages. A remote... Moderate Unreviewed
CVE-2025-35432 was published Sep 17, 2025
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Impacted is an... Moderate Unreviewed
CVE-2025-10607 was published Sep 17, 2025
A weakness has been identified in Portabilis i-Educar up to 2.10. This issue affects some unknown... Moderate Unreviewed
CVE-2025-10606 was published Sep 17, 2025
A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects... Moderate Unreviewed
CVE-2025-10605 was published Sep 17, 2025
A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue... Moderate Unreviewed
CVE-2025-10603 was published Sep 17, 2025
A vulnerability was identified in PHPGurukul Online Discussion Forum 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-10604 was published Sep 17, 2025
CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated... Moderate Unreviewed
CVE-2025-35431 was published Sep 17, 2025
CISA Thorium accepts a stream split size of zero then divides by this value. A remote,... Moderate Unreviewed
CVE-2025-35435 was published Sep 17, 2025
CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral'... Moderate Unreviewed
CVE-2025-35430 was published Sep 17, 2025
A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this... Moderate Unreviewed
CVE-2025-10602 was published Sep 17, 2025
A flaw has been found in SourceCodester Online Exam Form Submission 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-10600 was published Sep 17, 2025
A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote... Critical Unreviewed
CVE-2025-59304 was published Sep 17, 2025
CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An... Moderate Unreviewed
CVE-2025-35436 was published Sep 17, 2025
A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue... Moderate Unreviewed
CVE-2025-10598 was published Sep 17, 2025
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management... Moderate Unreviewed
CVE-2025-10599 was published Sep 17, 2025
CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An... Low Unreviewed
CVE-2025-35433 was published Sep 17, 2025
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an... Moderate Unreviewed
CVE-2025-10601 was published Sep 17, 2025
CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An... Low Unreviewed
CVE-2025-35434 was published Sep 17, 2025
A vulnerability was determined in kidaze CourseSelectionSystem up to... Moderate Unreviewed
CVE-2025-10597 was published Sep 17, 2025
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of... Moderate Unreviewed
CVE-2025-9760 was published Sep 17, 2025
WonderCMS 3.5.0 is vulnerable to Server-Side Request Forgery (SSRF) in the custom module... Moderate Unreviewed
CVE-2025-57055 was published Sep 17, 2025
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely. Session ids... High Unreviewed
CVE-2025-40933 was published Sep 17, 2025
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in... Unknown Unreviewed
CVE-2023-53363 was published Sep 17, 2025
In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: fix mem... Unknown Unreviewed
CVE-2023-53367 was published Sep 17, 2025
Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3... High Unreviewed
CVE-2024-48842 was published Sep 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database