Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,582 advisories

Loading
Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V (Artprima) AP... High Unreviewed
CVE-2025-58855 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mark O'Donnell MSTW League Manager allows... High Unreviewed
CVE-2025-58852 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Samer Bechara Ultimate AJAX Login allows... High Unreviewed
CVE-2025-58854 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar allows Stored... High Unreviewed
CVE-2025-58861 was published Sep 5, 2025
Deserialization of Untrusted Data vulnerability in Rubel Miah Aitasi Coming Soon allows Object... High Unreviewed
CVE-2025-58815 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in imjoehaines WordPress Error Monitoring by... High Unreviewed
CVE-2025-58806 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Nick Ciske To Lead For Salesforce allows... High Unreviewed
CVE-2025-58809 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dsingh Purge Varnish Cache allows Stored XSS.... High Unreviewed
CVE-2025-58807 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58788 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58789 was published Sep 5, 2025
Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful... High Unreviewed
CVE-2025-58280 was published Sep 5, 2025
Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful... High Unreviewed
CVE-2025-58281 was published Sep 5, 2025
Race condition vulnerability in the audio module. Impact: Successful exploitation of this... High Unreviewed
CVE-2025-58296 was published Sep 5, 2025
RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows... High Unreviewed
CVE-2025-58400 was published Sep 5, 2025
TkEasyGUI Affected by Uncontrolled Search Path Element Issue High
CVE-2025-55671 was published for TkEasyGUI (pip) Sep 5, 2025
The WordPress Helpdesk Integration plugin for WordPress is vulnerable to Local File Inclusion in... High Unreviewed
CVE-2025-9990 was published Sep 5, 2025
Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability High Unreviewed
CVE-2025-55238 was published Sep 5, 2025
In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an... High Unreviewed
CVE-2025-26431 was published Sep 4, 2025
In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a... High Unreviewed
CVE-2025-26439 was published Sep 4, 2025
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a... High Unreviewed
CVE-2025-32322 was published Sep 4, 2025
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without... High Unreviewed
CVE-2025-48523 was published Sep 4, 2025
In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a... High Unreviewed
CVE-2025-48531 was published Sep 4, 2025
In multiple locations, there is a possible one-time permission bypass due to a logic error in the... High Unreviewed
CVE-2025-48547 was published Sep 4, 2025
In multiple locations, there is a possible way to use apps linked from a context menu of a... High Unreviewed
CVE-2025-48533 was published Sep 4, 2025
In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM... High Unreviewed
CVE-2025-48522 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database