Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,593 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30875 was published Sep 9, 2025
Missing Authorization vulnerability in Sovica Target Video Easy Publish. This issue affects... Moderate Unreviewed
CVE-2025-32688 was published Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... Moderate Unreviewed
CVE-2025-20280 was published Sep 9, 2025
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute... Moderate Unreviewed
CVE-2025-56435 was published Sep 9, 2025
A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts... Moderate Unreviewed
CVE-2025-9920 was published Sep 9, 2025
A security vulnerability has been detected in Campcodes Sales and Inventory System 1.0. Affected... Moderate Unreviewed
CVE-2025-9922 was published Sep 9, 2025
A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-9921 was published Sep 9, 2025
A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to... Moderate Unreviewed
CVE-2025-20291 was published Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... Moderate Unreviewed
CVE-2025-20270 was published Sep 9, 2025
Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged... Moderate Unreviewed
CVE-2025-21036 was published Sep 9, 2025
Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to... Moderate Unreviewed
CVE-2025-21037 was published Sep 9, 2025
Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local... Moderate Unreviewed
CVE-2023-21483 was published Sep 9, 2025
Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG uploads. When a user views... Moderate Unreviewed
CVE-2025-55944 was published Sep 9, 2025
An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1... Moderate Unreviewed
CVE-2025-56498 was published Sep 9, 2025
A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Impacted is an unknown... Moderate Unreviewed
CVE-2025-10107 was published Sep 9, 2025
A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by... Moderate Unreviewed
CVE-2025-47416 was published Sep 9, 2025
A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed
CVE-2025-53609 was published Sep 9, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed
CVE-2024-45325 was published Sep 9, 2025
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle... Moderate Unreviewed
CVE-2025-10095 was published Sep 9, 2025
A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS... Moderate Unreviewed
CVE-2025-40594 was published Sep 9, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... Moderate Unreviewed
CVE-2025-40757 was published Sep 9, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... Moderate Unreviewed
CVE-2025-9542 was published Sep 9, 2025
The Wilmer Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2025-9061 was published Sep 9, 2025
The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of... Moderate Unreviewed
CVE-2025-9111 was published Sep 9, 2025
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2025-9058 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database