GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,859 advisories
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
Critical | CVE-2025-24813 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) | Mar 10, 2025

Apache Tomcat - Authentication Bypass
Critical | CVE-2024-52316 was published for org.apache.tomcat:tomcat-catalina (Maven) | Nov 18, 2024

Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability....
Critical | Unreviewed | CVE-2024-6246 was published | Nov 22, 2024

The affected product does not limit the number of attempts for inputting the correct PIN for a...
Critical | Unreviewed | CVE-2025-46414 was published | Aug 8, 2025

Burk Technology ARC Solo's password change mechanism can be utilized without proper ...
Critical | Unreviewed | CVE-2025-5095 was published | Aug 8, 2025

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication...
Critical | Unreviewed | CVE-2025-8284 was published | Aug 8, 2025

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8...
Critical | Unreviewed | CVE-2025-52913 was published | Aug 8, 2025

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-41527 was published | Aug 7, 2025

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in...
Critical | Unreviewed | CVE-2023-41528 was published | Aug 7, 2025

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-41525 was published | Aug 7, 2025

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in...
Critical | Unreviewed | CVE-2023-41526 was published | Aug 7, 2025

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-41530 was published | Aug 7, 2025

Node-SAML SAML Signature Verification Vulnerability
Critical | CVE-2025-54419 was published for @node-saml/node-saml (npm) | Jul 28, 2025

Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if...
Critical | Unreviewed | CVE-2024-1039 was published | Feb 2, 2024

Azure Portal Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-53792 was published | Aug 7, 2025

Azure OpenAI Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-53767 was published | Aug 7, 2025

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi...
Critical | Unreviewed | CVE-2025-34152 was published | Aug 7, 2025

A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on...
Critical | Unreviewed | CVE-2025-34151 was published | Aug 7, 2025

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi...
Critical | Unreviewed | CVE-2025-34148 was published | Aug 7, 2025

The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02...
Critical | Unreviewed | CVE-2025-34150 was published | Aug 7, 2025

A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model...
Critical | Unreviewed | CVE-2025-34149 was published | Aug 7, 2025

In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following...
Critical | Unreviewed | CVE-2025-44658 was published | Jul 21, 2025

smolagents has Sandbox Escape Vulnerability in the local_python_executor.py Module
Critical | CVE-2025-5120 was published for smolagents (pip) | Jul 27, 2025

Remote code injection in Log4j
Critical | GHSA-94g7-hpv8-h9qm was published for com.splunk.logging:splunk-library-javalogging (Maven) | Dec 14, 2021

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML...
Critical | Unreviewed | CVE-2025-49796 was published | Jun 16, 2025

ProTip! Advisories are also available from the GraphQL API.