GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,110

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,865 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid... Critical Unreviewed

CVE-2025-55031 was published Aug 19, 2025

An attacker was able to perform memory corruption in the GMP process which processes encrypted... Critical Unreviewed

CVE-2025-9179 was published Aug 19, 2025

Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence... Critical Unreviewed

CVE-2025-9187 was published Aug 19, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed

CVE-2025-8611 was published Aug 20, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed

CVE-2025-8610 was published Aug 20, 2025

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed

CVE-2011-10026 was published Aug 20, 2025

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed... Critical Unreviewed

CVE-2010-20103 was published Aug 20, 2025

LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser.... Critical Unreviewed

CVE-2010-20049 was published Aug 20, 2025

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in... Critical Unreviewed

CVE-2010-20059 was published Aug 20, 2025

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start... Critical Unreviewed

CVE-2025-8042 was published Aug 19, 2025

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the... Critical Unreviewed

CVE-2025-54143 was published Aug 19, 2025

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a... Critical Unreviewed

CVE-2025-54145 was published Aug 19, 2025

An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda... Critical Unreviewed

CVE-2025-27129 was published Aug 20, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi... Critical Unreviewed

CVE-2025-54713 was published Aug 20, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-54726 was published Aug 20, 2025

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege... Critical Unreviewed

CVE-2025-54049 was published Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed

CVE-2025-53577 was published Aug 20, 2025

Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content... Critical Unreviewed

CVE-2025-53299 was published Aug 20, 2025

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed

CVE-2025-53580 was published Aug 20, 2025

Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical... Critical Unreviewed

CVE-2025-54014 was published Aug 20, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-54048 was published Aug 20, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross... Critical Unreviewed

CVE-2025-49381 was published Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed

CVE-2025-48169 was published Aug 20, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ReachShip... Critical Unreviewed

CVE-2025-53213 was published Aug 20, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for... Critical Unreviewed

CVE-2025-48148 was published Aug 20, 2025

Previous 1…13…400 Next

Previous 1 2 … 11 12 13 14 15 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,865 advisories