Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,489
Maven
5,000+
npm
4,106
NuGet
735
pip
3,928
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,416 advisories

Loading
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
UnoPim has CSV Injection on Quick Export feature Low
CVE-2025-55745 was published for unopim/unopim (Composer) Aug 22, 2025
sn1p3rt3s7
Bouncy Castle for Java has Out-of-Bounds Write Vulnerability Low
CVE-2025-9340 was published for org.bouncycastle:bc-fips (Maven) Aug 22, 2025
Rust XCB `xcb::Connection::connect_to_fd*` functions violate I/O safety Low
GHSA-655h-hg88-5qmf was published for xcb (Rust) Aug 22, 2025
Liferay Portal Reflected Cross-Site Scripting Vulnerability via Form Container Low
CVE-2025-43753 was published for com.liferay:com.liferay.layout.taglib (Maven) Aug 22, 2025
An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to... Low Unreviewed
CVE-2025-55523 was published Aug 21, 2025
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected... Low Unreviewed
CVE-2023-38533 was published Jun 11, 2024
A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file ... Low Unreviewed
CVE-2025-9309 was published Aug 21, 2025
wong2 mcp-cli Command Injection Vulnerability Low
CVE-2025-9262 was published for @wong2/mcp-cli (npm) Aug 21, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0... Low Unreviewed
CVE-2025-2988 was published Aug 19, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/apps.js Low
CVE-2025-9096 was published for express-gateway (npm) Aug 18, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/users.js Low
CVE-2025-9095 was published for express-gateway (npm) Aug 18, 2025
Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability Low
CVE-2025-9092 was published for org.bouncycastle:bc-fips (Maven) Aug 16, 2025
Liferay Portal Login Bypass Vulnerability Low
CVE-2025-3639 was published for com.liferay.portal:release.portal.bom (Maven) Aug 18, 2025
Liferay Portal Vulnerable to Cross-Site Scripting Low
CVE-2025-43733 was published for com.liferay:com.liferay.layout.taglib (Maven) Aug 18, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request... Low Unreviewed
CVE-2025-54234 was published Aug 18, 2025
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing... Low Unreviewed
CVE-2024-49827 was published Aug 18, 2025
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is... Low Unreviewed
CVE-2025-9091 was published Aug 17, 2025
A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this... Low Unreviewed
CVE-2017-20199 was published Aug 16, 2025
Template Secret leakage in logs in Scaffolder when using `fetch:template` Low
CVE-2025-55285 was published for @backstage/plugin-scaffolder-backend (npm) Aug 15, 2025
A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function... Low Unreviewed
CVE-2025-9019 was published Aug 15, 2025
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function... Low Unreviewed
CVE-2025-9020 was published Aug 15, 2025
The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery... Low Unreviewed
CVE-2025-8013 was published Aug 15, 2025
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2025-31961 was published Aug 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database