Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

5,154 advisories

Loading
Issue of buffer overflow caused by insufficient data verification in the kernel drop detection... Moderate Unreviewed
CVE-2025-54636 was published Aug 6, 2025
Input verification vulnerability in the home screen module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54614 was published Aug 6, 2025
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed
CVE-2024-20274 was published Oct 23, 2024
Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string Moderate
CVE-2024-52279 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) Aug 3, 2025
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1465 was published Nov 18, 2024
Crash due to uncontrolled recursion in protobuf crate Moderate
CVE-2025-53605 was published for protobuf (Rust) Mar 7, 2025
morningstarxcdcode
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation... Moderate Unreviewed
CVE-2025-30480 was published Jul 30, 2025
An issue existed in the handling of environment variables. This issue was addressed with improved... Moderate Unreviewed
CVE-2025-43195 was published Jul 30, 2025
The vulnerability was identified in the code developed specifically for Lenovo. Please visit ... Moderate Unreviewed
CVE-2025-4424 was published Jul 30, 2025
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical.... Moderate Unreviewed
CVE-2025-8266 was published Jul 28, 2025
The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to... Moderate Unreviewed
CVE-2025-8097 was published Jul 26, 2025
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20182 was published May 18, 2023
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft... Moderate Unreviewed
CVE-2025-53771 was published Jul 21, 2025
Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to... Moderate Unreviewed
CVE-2025-47182 was published Jul 11, 2025
Emerson ValveLink products receive input or data, but it do not validate or incorrectly ... Moderate Unreviewed
CVE-2025-53471 was published Jul 11, 2025
Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check Moderate
CVE-2025-53652 was published for org.jenkins-ci.tools:git-parameter (Maven) Jul 9, 2025
Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission... Moderate Unreviewed
CVE-2025-44526 was published Jul 9, 2025
A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin version... Moderate Unreviewed
CVE-2025-34032 was published Jun 26, 2025
Denied Host Validation Bypass in Zitadel Actions Moderate
CVE-2024-49753 was published for github.com/zitadel/zitadel (Go) Oct 25, 2024
prdp1137 livio-a
fforootd
An improper Input Validation vulnerability allows injecting arbitrary values of the NAS... Moderate Unreviewed
CVE-2025-7378 was published Jul 9, 2025
A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This... Moderate Unreviewed
CVE-2025-7216 was published Jul 9, 2025
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This... Moderate Unreviewed
CVE-2025-53075 was published Jun 30, 2025
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations... Moderate Unreviewed
CVE-2025-24002 was published Jul 8, 2025
A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical.... Moderate Unreviewed
CVE-2025-7099 was published Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database