Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,147 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram allows... Moderate Unreviewed
CVE-2025-58794 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu allows... Moderate Unreviewed
CVE-2025-58798 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58791 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58790 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58793 was published Sep 5, 2025
Missing Authorization vulnerability in Payoneer Checkout Payoneer Checkout allows Content... Moderate Unreviewed
CVE-2025-58795 was published Sep 5, 2025
An attacker with authenticated and privileged access could modify the contents of a non-sensitive... Moderate Unreviewed
CVE-2025-48395 was published Sep 5, 2025
Race condition vulnerability in the device standby module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-58313 was published Sep 5, 2025
Permission verification vulnerability in the home screen module Impact: Successful exploitation... Moderate Unreviewed
CVE-2025-58276 was published Sep 5, 2025
Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for... Moderate Unreviewed
CVE-2025-41408 was published Sep 5, 2025
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed
CVE-2025-58401 was published Sep 5, 2025
The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the theme's... Moderate Unreviewed
CVE-2025-8684 was published Sep 5, 2025
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing... Moderate Unreviewed
CVE-2025-8944 was published Sep 5, 2025
XML Injection vulnerability in xmltodict allows Input Data Manipulation.This issue affects... Moderate Unreviewed
CVE-2025-9375 was published Sep 5, 2025
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized... Moderate Unreviewed
CVE-2025-55242 was published Sep 5, 2025
In android_app of Android.bp, there is a possible way to launch any activity as a system user.... Moderate Unreviewed
CVE-2025-22415 was published Sep 4, 2025
In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to... Moderate Unreviewed
CVE-2025-48538 was published Sep 4, 2025
In multiple locations, there is a possible leak of an image across the Android User isolation... Moderate Unreviewed
CVE-2025-48551 was published Sep 4, 2025
In multiple functions of AppOpsService.java, there is a possible add a large amount of app ops... Moderate Unreviewed
CVE-2025-48559 was published Sep 4, 2025
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent... Moderate Unreviewed
CVE-2025-48554 was published Sep 4, 2025
In multiple locations, there is a possible way to access data displayed on the screen due to side... Moderate Unreviewed
CVE-2025-48561 was published Sep 4, 2025
In writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a... Moderate Unreviewed
CVE-2025-48562 was published Sep 4, 2025
In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an... Moderate Unreviewed
CVE-2024-40664 was published Sep 4, 2025
In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing... Moderate Unreviewed
CVE-2025-48524 was published Sep 4, 2025
In createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to... Moderate Unreviewed
CVE-2025-48526 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database