GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical. Unreviewed. CVE-2025-24759 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross...
Critical. Unreviewed. CVE-2025-54010 was published Jul 16, 2025

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K...
Critical. Unreviewed. CVE-2025-7673 was published Jul 16, 2025

Successful exploitation of the vulnerability could allow an attacker to inject commands with root...
Critical. Unreviewed. CVE-2025-52688 was published Jul 16, 2025

Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a...
Critical. Unreviewed. CVE-2025-52689 was published Jul 16, 2025

Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). ...
Critical. Unreviewed. CVE-2025-50067 was published Jul 15, 2025

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3...
Critical. Unreviewed. CVE-2025-41236 was published Jul 15, 2025

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI ...
Critical. Unreviewed. CVE-2025-41238 was published Jul 15, 2025

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine...
Critical. Unreviewed. CVE-2025-41237 was published Jul 15, 2025

pyLoad vulnerable to XSS through insecure CAPTCHA
Critical. CVE-2025-53890 was published for pyload-ng (pip) Jul 15, 2025

An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions...
Critical. Unreviewed. CVE-2025-52376 was published Jul 15, 2025

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version...
Critical. Unreviewed. CVE-2025-34111 was published Jul 15, 2025

A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows,...
Critical. Unreviewed. CVE-2025-34110 was published Jul 15, 2025

An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral...
Critical. Unreviewed. CVE-2025-34112 was published Jul 15, 2025

An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware...
Critical. Unreviewed. CVE-2025-34103 was published Jul 15, 2025

An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e...
Critical. Unreviewed. CVE-2025-34068 was published Jul 15, 2025

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior...
Critical. Unreviewed. CVE-2025-34104 was published Jul 15, 2025

A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss...
Critical. Unreviewed. CVE-2025-34105 was published Jul 15, 2025

Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows...
Critical. Unreviewed. CVE-2025-3621 was published Jul 15, 2025

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to...
Critical. Unreviewed. CVE-2025-5393 was published Jul 15, 2025

The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin...
Critical. Unreviewed. CVE-2025-7360 was published Jul 15, 2025

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to...
Critical. Unreviewed. CVE-2025-5394 was published Jul 15, 2025

The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin...
Critical. Unreviewed. CVE-2025-7341 was published Jul 15, 2025

The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin...
Critical. Unreviewed. CVE-2025-7340 was published Jul 15, 2025

XWiki Rendering is vulnerable to RCE attacks when processing nested macros
Critical. CVE-2025-53836 was published for org.xwiki.rendering:xwiki-rendering-transformation-macro (Maven) Jul 14, 2025
ProTip! Advisories are also available from the GraphQL API.