Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,508
Maven
5,000+
npm
4,149
NuGet
736
pip
3,949
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,491 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9... Moderate Unreviewed
CVE-2025-0362 was published Apr 10, 2025
BlueCMS 1.6 suffers from Arbitrary File Deletion via the id parameter in an /publish.php?act=del... Moderate Unreviewed
CVE-2025-29150 was published Apr 10, 2025
An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9... Moderate Unreviewed
CVE-2024-11129 was published Apr 10, 2025
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all up to 17.8.7,... Moderate Unreviewed
CVE-2025-1677 was published Apr 10, 2025
IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which... Moderate Unreviewed
CVE-2023-43035 was published Apr 10, 2025
IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2023-42007 was published Apr 10, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17... Moderate Unreviewed
CVE-2025-2408 was published Apr 10, 2025
IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform... Moderate Unreviewed
CVE-2023-43037 was published Apr 10, 2025
crossbeam-channel Vulnerable to Double Free on Drop Moderate
CVE-2025-4574 was published for crossbeam-channel (Rust) Apr 10, 2025
Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow Moderate
CVE-2025-32387 was published for helm.sh/helm/v3 (Go) Apr 10, 2025
jake-ciolek
Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination Moderate
CVE-2025-32386 was published for helm.sh/helm/v3 (Go) Apr 10, 2025
jake-ciolek
Silverstripe Framework has a XSS vulnerability in HTML editor Moderate
CVE-2025-30148 was published for silverstripe/framework (Composer) Apr 10, 2025
Silverstripe cross-site scripting (XSS) attack in elemental "Content blocks in use" report Moderate
CVE-2025-25197 was published for dnadesign/silverstripe-elemental (Composer) Apr 10, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-31411 was published Apr 10, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web... Moderate Unreviewed
CVE-2025-22374 was published Apr 10, 2025
A potential security vulnerability in HPE NonStop OSM Service Connection Suite could potentially... Moderate Unreviewed
CVE-2025-27081 was published Apr 10, 2025
Missing Authorization vulnerability in Alimir WP ULike. This issue affects WP ULike: from n/a... Moderate Unreviewed
CVE-2025-32259 was published Apr 10, 2025
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed
CVE-2025-32275 was published Apr 10, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google... Moderate Unreviewed
CVE-2025-32282 was published Apr 10, 2025
Missing Authorization vulnerability in Hive Support Hive Support allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-32208 was published Apr 10, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-32214 was published Apr 10, 2025
Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects... Moderate Unreviewed
CVE-2025-32260 was published Apr 10, 2025
Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple... Moderate Unreviewed
CVE-2025-32236 was published Apr 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite... Moderate Unreviewed
CVE-2025-32215 was published Apr 10, 2025
Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation... Moderate Unreviewed
CVE-2025-32210 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database