Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,879 advisories

Loading
A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed
CVE-2025-34300 was published Jul 16, 2025
Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce... Critical Unreviewed
CVE-2025-52836 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-52714 was published Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object... Critical Unreviewed
CVE-2025-30973 was published Jul 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows... Critical Unreviewed
CVE-2025-48300 was published Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener allows... Critical Unreviewed
CVE-2025-28961 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30936 was published Jul 16, 2025
Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram allows Object... Critical Unreviewed
CVE-2025-30949 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28982 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28959 was published Jul 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription... Critical Unreviewed
CVE-2025-29009 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-24759 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross... Critical Unreviewed
CVE-2025-54010 was published Jul 16, 2025
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K... Critical Unreviewed
CVE-2025-7673 was published Jul 16, 2025
Successful exploitation of the vulnerability could allow an attacker to inject commands with root... Critical Unreviewed
CVE-2025-52688 was published Jul 16, 2025
Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a... Critical Unreviewed
CVE-2025-52689 was published Jul 16, 2025
Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). ... Critical Unreviewed
CVE-2025-50067 was published Jul 15, 2025
VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine... Critical Unreviewed
CVE-2025-41237 was published Jul 15, 2025
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI ... Critical Unreviewed
CVE-2025-41238 was published Jul 15, 2025
VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3... Critical Unreviewed
CVE-2025-41236 was published Jul 15, 2025
pyLoad vulnerable to XSS through insecure CAPTCHA Critical
CVE-2025-53890 was published for pyload-ng (pip) Jul 15, 2025
odaysec
An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral... Critical Unreviewed
CVE-2025-34112 was published Jul 15, 2025
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows,... Critical Unreviewed
CVE-2025-34110 was published Jul 15, 2025
An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions... Critical Unreviewed
CVE-2025-52376 was published Jul 15, 2025
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version... Critical Unreviewed
CVE-2025-34111 was published Jul 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database