GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,140

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,868 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical

CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025

A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe... Critical Unreviewed

CVE-2016-15044 was published Jul 24, 2025

A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1... Critical Unreviewed

CVE-2018-25114 was published Jul 23, 2025

An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and... Critical Unreviewed

CVE-2015-10141 was published Jul 23, 2025

Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code... Critical Unreviewed

CVE-2022-4978 was published Jul 23, 2025

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management... Critical Unreviewed

CVE-2025-40599 was published Jul 23, 2025

The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker... Critical Unreviewed

CVE-2017-20198 was published Jul 23, 2025

A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows... Critical Unreviewed

CVE-2025-54294 was published Jul 23, 2025

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate... Critical Unreviewed

CVE-2025-53882 was published Jul 23, 2025

The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value... Critical Unreviewed

CVE-2025-8070 was published Jul 23, 2025

An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management... Critical Unreviewed

CVE-2025-41687 was published Jul 23, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed

CVE-2025-54449 was published Jul 23, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed

CVE-2025-54448 was published Jul 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54446 was published Jul 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics... Critical Unreviewed

CVE-2025-54451 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54455 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54454 was published Jul 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54443 was published Jul 23, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed

CVE-2025-54442 was published Jul 23, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed

CVE-2025-54444 was published Jul 23, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... Critical Unreviewed

CVE-2025-54440 was published Jul 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54438 was published Jul 23, 2025

Thunderbird ignored paths when checking the validity of navigations in a frame. This... Critical Unreviewed

CVE-2025-8038 was published Jul 22, 2025

On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too... Critical Unreviewed

CVE-2025-8028 was published Jul 22, 2025

The `username:password` part was not correctly stripped from URLs in CSP reports potentially... Critical Unreviewed

CVE-2025-8031 was published Jul 22, 2025

Previous 1…23…400 Next

Previous 1 2 … 21 22 23 24 25 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,868 advisories