Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,648 advisories

Loading
Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-30767 was published Mar 27, 2025
The affected versions of PowerCMS allow HTTP header injection. This vulnerability can be... Moderate Unreviewed
CVE-2025-29993 was published Mar 27, 2025
An intent redriction vulnerability exists in the Xiaomi quick App framework application product.... Moderate Unreviewed
CVE-2024-45353 was published Mar 27, 2025
A code execution vulnerability exists in the Xiaomi shop applicationproduct. The vulnerability is... Moderate Unreviewed
CVE-2024-45354 was published Mar 27, 2025
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... Moderate Unreviewed
CVE-2024-45355 was published Mar 27, 2025
A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is... Moderate Unreviewed
CVE-2024-45361 was published Mar 27, 2025
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in... Moderate Unreviewed
CVE-2025-0273 was published Mar 27, 2025
Cross-Site Scripting (XSS) vulnerability in the Logbug module of NightWolf Penetration Testing... Moderate Unreviewed
CVE-2025-31165 was published Mar 27, 2025
A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-2835 was published Mar 27, 2025
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-2685 was published Mar 27, 2025
A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic... Moderate Unreviewed
CVE-2025-2833 was published Mar 27, 2025
A vulnerability was found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to... Moderate Unreviewed
CVE-2025-2832 was published Mar 27, 2025
A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to... Moderate Unreviewed
CVE-2025-2831 was published Mar 27, 2025
The MediaView plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id'... Moderate Unreviewed
CVE-2025-2481 was published Mar 27, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and... Moderate Unreviewed
CVE-2025-20230 was published Mar 27, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform... Moderate Unreviewed
CVE-2025-20227 was published Mar 27, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform... Moderate Unreviewed
CVE-2025-20226 was published Mar 27, 2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20228 was published Mar 27, 2025
Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2025-2838 was published Mar 27, 2025
Local privilege escalation due to a binary hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-30407 was published Mar 27, 2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20232 was published Mar 27, 2025
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have... Moderate Unreviewed
CVE-2024-55965 was published Mar 26, 2025
A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 - Build 3 allows... Moderate Unreviewed
CVE-2025-29322 was published Mar 26, 2025
Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows... Moderate Unreviewed
CVE-2025-2600 was published Mar 26, 2025
Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows... Moderate Unreviewed
CVE-2025-2562 was published Mar 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database