Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,862 advisories

Loading
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... Critical Unreviewed
CVE-2025-41371 was published Aug 1, 2025
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software,... Critical Unreviewed
CVE-2025-8454 was published Aug 1, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5947 was published Aug 1, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5954 was published Aug 1, 2025
Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line... Critical Unreviewed
CVE-2025-8286 was published Jul 31, 2025
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated... Critical Unreviewed
CVE-2025-26062 was published Jul 31, 2025
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to... Critical Unreviewed
CVE-2025-26063 was published Jul 31, 2025
num2words subjected to phishing attack, two versions published containing malware Critical
GHSA-jxr6-qrxx-2ph2 was published for num2words (pip) Jul 31, 2025
Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and... Critical Unreviewed
CVE-2025-8426 was published Jul 31, 2025
Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a... Critical Unreviewed
CVE-2014-125121 was published Jul 31, 2025
ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php... Critical Unreviewed
CVE-2013-10040 was published Jul 31, 2025
An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel ... Critical Unreviewed
CVE-2014-125123 was published Jul 31, 2025
A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the... Critical Unreviewed
CVE-2013-10042 was published Jul 31, 2025
An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6,... Critical Unreviewed
CVE-2025-50475 was published Jul 31, 2025
An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0... Critical Unreviewed
CVE-2013-10038 was published Jul 31, 2025
A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper... Critical Unreviewed
CVE-2013-10043 was published Jul 31, 2025
An unauthenticated remote command execution vulnerability exists in Pandora FMS versions up to... Critical Unreviewed
CVE-2014-125124 was published Jul 31, 2025
An unrestricted file upload vulnerability exists in Simple E-Document versions 3.0 to 3.1 that... Critical Unreviewed
CVE-2014-125126 was published Jul 31, 2025
An OS command injection vulnerability exists in WebTester version 5.x via the install2.php... Critical Unreviewed
CVE-2013-10037 was published Jul 31, 2025
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore... Critical Unreviewed
CVE-2013-10033 was published Jul 31, 2025
An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The... Critical Unreviewed
CVE-2013-10034 was published Jul 31, 2025
A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router... Critical Unreviewed
CVE-2012-10021 was published Jul 31, 2025
OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion Critical
CVE-2025-54576 was published for github.com/oauth2-proxy/oauth2-proxy/v7 (Go) Jul 30, 2025
jennifer-recurity
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed
CVE-2025-50578 was published Jul 30, 2025
A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with... Critical Unreviewed
CVE-2025-46811 was published Jul 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database