GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
137,427 advisories
A vulnerability was found in propanetank Roommate-Bill-Tracking up to...
Moderate | Unreviewed | CVE-2017-20197 was published Apr 9, 2025
Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing
Moderate | CVE-2025-31672 was published for org.apache.poi:poi-ooxml (Maven) Apr 9, 2025
Cleartext transmission of sensitive information issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac series...
Moderate | Unreviewed | CVE-2025-27722 was published Apr 9, 2025
Improper restriction of rendered UI layers or frames issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac...
Moderate | Unreviewed | CVE-2025-25213 was published Apr 9, 2025
Cross-site request forgery vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user...
Moderate | Unreviewed | CVE-2025-25056 was published Apr 9, 2025
Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to...
Moderate | Unreviewed | CVE-2025-20952 was published Apr 9, 2025
This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi...
Moderate | Unreviewed | CVE-2025-3442 was published Apr 9, 2025
Incorrect privilege assignment vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP...
Moderate | Unreviewed | CVE-2025-23407 was published Apr 9, 2025
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
Moderate | Unreviewed | CVE-2025-3100 was published Apr 9, 2025
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its...
Moderate | Unreviewed | CVE-2024-6857 was published Apr 9, 2025
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its...
Moderate | Unreviewed | CVE-2024-6860 was published Apr 9, 2025
The WordPress/Plugin Upgrade Time Out Plugin WordPress plugin through 1.0 does not have CSRF...
Moderate | Unreviewed | CVE-2024-8243 was published Apr 9, 2025
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap...
Moderate | Unreviewed | CVE-2025-32464 was published Apr 9, 2025
Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged...
Moderate | Unreviewed | CVE-2025-29988 was published Apr 9, 2025
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c,...
Moderate | Unreviewed | CVE-2025-32460 was published Apr 9, 2025
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive...
Moderate | Unreviewed | CVE-2025-25013 was published Apr 9, 2025
Magento Improper Authorization vulnerability
Moderate | CVE-2025-27188 was published for magento/community-edition (Composer) Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are...
Moderate | Unreviewed | CVE-2025-27191 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are...
Moderate | Unreviewed | CVE-2025-27189 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are...
Moderate | Unreviewed | CVE-2025-27190 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure...
Moderate | Unreviewed | CVE-2025-30291 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input...
Moderate | Unreviewed | CVE-2025-30294 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a reflected Cross-Site...
Moderate | Unreviewed | CVE-2025-30292 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input...
Moderate | Unreviewed | CVE-2025-30293 was published Apr 8, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read...
Moderate | Unreviewed | CVE-2025-30303 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API.