Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,221 advisories

Loading
The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is... Moderate Unreviewed
CVE-2025-6067 was published Sep 6, 2025
A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-10027 was published Sep 6, 2025
MongoDB Server may allow upsert operations retried within a transaction to violate unique index... Moderate Unreviewed
CVE-2025-10060 was published Sep 5, 2025
A flaw was found in Keycloak. Keycloak’s account console and other pages accept arbitrary text in... Moderate Unreviewed
CVE-2025-10044 was published Sep 5, 2025
A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-10026 was published Sep 5, 2025
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group... Moderate Unreviewed
CVE-2025-10061 was published Sep 5, 2025
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-53791 was published Sep 5, 2025
A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an... Moderate Unreviewed
CVE-2025-10025 was published Sep 5, 2025
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers.... Moderate Unreviewed
CVE-2025-10059 was published Sep 5, 2025
The Biagiotti Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-9057 was published Sep 5, 2025
A vulnerability was detected in O2OA up to 10.0-410. Affected is an unknown function of the file ... Moderate Unreviewed
CVE-2025-9737 was published Sep 5, 2025
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980,... Moderate Unreviewed
CVE-2025-32100 was published Sep 5, 2025
An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve... Moderate Unreviewed
CVE-2025-32098 was published Sep 5, 2025
A security vulnerability has been detected in givanz Vvveb 1.0.7.2. This affects an unknown part... Moderate Unreviewed
CVE-2025-9728 was published Sep 5, 2025
A weakness has been identified in O2OA up to 10.0-410. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-9735 was published Sep 5, 2025
A security vulnerability has been detected in O2OA up to 10.0-410. This impacts an unknown... Moderate Unreviewed
CVE-2025-9736 was published Sep 5, 2025
A vulnerability has been found in Khanakag-17 Library Management System up to... Moderate Unreviewed
CVE-2025-9755 was published Sep 5, 2025
xgrammar vulnerable to denial of service by huge enum grammar Moderate
CVE-2025-58446 was published for xgrammar (pip) Sep 5, 2025
xendo
secrets-store-sync-controller discloses service account tokens in logs Moderate
CVE-2025-7445 was published for sigs.k8s.io/secrets-store-sync-controller (Go) Sep 5, 2025
FS2 half-shutdown of socket during TLS handshake may result in spin loop on opposite side Moderate
CVE-2025-58369 was published for co.fs2:fs2-io_0.26 (Maven) Sep 5, 2025
In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to... Moderate Unreviewed
CVE-2025-26434 was published Sep 5, 2025
In gralloc4, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-32316 was published Sep 5, 2025
In Audio Service, there is a possible way to obtain MAC addresses of nearby Bluetooth devices due... Moderate Unreviewed
CVE-2024-0028 was published Sep 5, 2025
The sequence of packets received by a Networking server are not correctly checked. An attacker... Moderate Unreviewed
CVE-2025-9998 was published Sep 5, 2025
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function... Moderate Unreviewed
CVE-2025-10013 was published Sep 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database