GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,093

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,859 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

XWiki configuration files can be accessed through the webjars API Critical

CVE-2025-55747 was published for org.xwiki.platform:xwiki-platform-webjars-api (Maven) Sep 3, 2025

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer... Critical Unreviewed

CVE-2025-57052 was published Sep 3, 2025

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability... Critical Unreviewed

CVE-2025-53693 was published Sep 3, 2025

An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker... Critical Unreviewed

CVE-2025-26210 was published Sep 3, 2025

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability... Critical Unreviewed

CVE-2025-9276 was published Sep 2, 2025

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path. Critical Unreviewed

CVE-2025-57140 was published Sep 2, 2025

In FDL1, there is a possible missing payload size check. This could lead to memory buffer... Critical Unreviewed

CVE-2022-38693 was published Sep 2, 2025

In BootRom, there's a possible missing payload size check. This could lead to memory buffer... Critical Unreviewed

CVE-2022-38696 was published Sep 2, 2025

In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This... Critical Unreviewed

CVE-2022-38692 was published Sep 2, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management... Critical Unreviewed

CVE-2025-31100 was published Aug 31, 2025

Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects... Critical Unreviewed

CVE-2024-32832 was published Aug 31, 2025

TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ... Critical Unreviewed

CVE-2024-46484 was published Aug 29, 2025

An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed

CVE-2025-52856 was published Aug 29, 2025

SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-44033 was published Aug 29, 2025

Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed

CVE-2025-8857 was published Aug 29, 2025

TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed

CVE-2025-8861 was published Aug 29, 2025

Valtimo scripting engine can be used to gain access to sensitive data or resources Critical

CVE-2025-58059 was published for com.ritense.valtimo:core (Maven) Aug 28, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster... Critical Unreviewed

CVE-2025-54738 was published Aug 28, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows... Critical Unreviewed

CVE-2025-54725 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-54720 was published Aug 28, 2025

D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command... Critical Unreviewed

CVE-2025-55583 was published Aug 28, 2025

Deserialization of Untrusted Data vulnerability in manfcarlo WP Funnel Manager allows Object... Critical Unreviewed

CVE-2025-52761 was published Aug 28, 2025

Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin allows... Critical Unreviewed

CVE-2025-49388 was published Aug 28, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File... Critical Unreviewed

CVE-2025-49387 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-39496 was published Aug 28, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,859 advisories