Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004... Critical Unreviewed
CVE-2025-36157 was published Aug 24, 2025
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions... Critical Unreviewed
CVE-2025-5821 was published Aug 23, 2025
The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7... Critical Unreviewed
CVE-2025-7642 was published Aug 23, 2025
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a... Critical Unreviewed
CVE-2022-43110 was published Aug 22, 2025
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield... Critical Unreviewed
CVE-2022-31491 was published Aug 22, 2025
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau... Critical Unreviewed
CVE-2025-26496 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to... Critical Unreviewed
CVE-2024-53496 was published Aug 22, 2025
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated... Critical Unreviewed
CVE-2024-52786 was published Aug 22, 2025
Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function... Critical Unreviewed
CVE-2025-55613 was published Aug 22, 2025
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READ_STRING_SYSCALL. Critical Unreviewed
CVE-2025-29365 was published Aug 22, 2025
A vulnerability was identified in Docker Desktop that allows local running Linux containers to... Critical Unreviewed
CVE-2025-9074 was published Aug 20, 2025
UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in... Critical Unreviewed
CVE-2009-10006 was published Aug 22, 2025
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c... Critical Unreviewed
CVE-2023-47212 was published May 1, 2024
The devices are vulnerable to an authentication bypass due to flaws in the authorization... Critical Unreviewed
CVE-2025-41652 was published May 27, 2025
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.  Critical Unreviewed
CVE-2024-28751 was published Jul 9, 2024
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-9254 was published Aug 22, 2025
Active Storage allowed transformation methods that were potentially unsafe Critical
CVE-2025-24293 was published for activestorage (RubyGems) Aug 14, 2025
th4s1s
Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a... Critical Unreviewed
CVE-2010-20115 was published Aug 21, 2025
Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer... Critical Unreviewed
CVE-2010-20122 was published Aug 21, 2025
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-53763 was published Aug 21, 2025
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate... Critical Unreviewed
CVE-2025-53795 was published Aug 21, 2025
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS... Critical Unreviewed
CVE-2025-3128 was published Aug 21, 2025
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by... Critical Unreviewed
CVE-2010-20112 was published Aug 21, 2025
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user... Critical Unreviewed
CVE-2025-52352 was published Aug 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database