Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,177 advisories

Loading
A weakness has been identified in Portabilis i-Educar up to 2.10. The affected element is an... Moderate Unreviewed
CVE-2025-10011 was published Sep 5, 2025
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function... Moderate Unreviewed
CVE-2025-10013 was published Sep 5, 2025
A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-10026 was published Sep 5, 2025
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data... Moderate Unreviewed
CVE-2025-26453 was published Sep 5, 2025
secrets-store-sync-controller discloses service account tokens in logs Moderate
CVE-2025-7445 was published for sigs.k8s.io/secrets-store-sync-controller (Go) Sep 5, 2025
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing... Moderate Unreviewed
CVE-2025-8944 was published Sep 5, 2025
In multiple locations, there is a possible way to leak hidden work profile notifications due to a... Moderate Unreviewed
CVE-2025-48527 was published Sep 4, 2025
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept... Moderate Unreviewed
CVE-2025-32330 was published Sep 4, 2025
In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing... Moderate Unreviewed
CVE-2025-48524 was published Sep 4, 2025
In createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to... Moderate Unreviewed
CVE-2025-48526 was published Sep 4, 2025
In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay... Moderate Unreviewed
CVE-2025-48528 was published Sep 4, 2025
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts... Moderate Unreviewed
CVE-2025-9831 was published Sep 2, 2025
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This... Moderate Unreviewed
CVE-2025-9830 was published Sep 2, 2025
A vulnerability was identified in itsourcecode Student Information Management System 1.0.... Moderate Unreviewed
CVE-2025-9838 was published Sep 3, 2025
A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element... Moderate Unreviewed
CVE-2025-9840 was published Sep 3, 2025
A vulnerability was determined in itsourcecode Student Information Management System 1.0. This... Moderate Unreviewed
CVE-2025-9837 was published Sep 3, 2025
A security flaw has been discovered in itsourcecode Student Information Management System 1.0.... Moderate Unreviewed
CVE-2025-9839 was published Sep 3, 2025
ALIN MDaemon Security Gateway through 8.5.0 allows XML Injection. Moderate Unreviewed
CVE-2022-25356 was published Apr 6, 2022
In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to... Moderate Unreviewed
CVE-2025-26434 was published Sep 5, 2025
In gralloc4, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-32316 was published Sep 5, 2025
The sequence of packets received by a Networking server are not correctly checked. An attacker... Moderate Unreviewed
CVE-2025-9998 was published Sep 5, 2025
In Audio Service, there is a possible way to obtain MAC addresses of nearby Bluetooth devices due... Moderate Unreviewed
CVE-2024-0028 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-48102 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-48103 was published Sep 5, 2025
Missing Authorization vulnerability in VillaTheme HAPPY allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-53571 was published Sep 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database