GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,057

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

137,139 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Hardware Management Console - Power 10.3.1050.0 and 11.1.1110.0 is vulnerable to stored cross... Moderate Unreviewed

CVE-2025-36125 was published Sep 9, 2025

Liferay Portal exposes ERC which can lead to exploit the time response attack Moderate

CVE-2025-43786 was published for com.liferay:com.liferay.headless.admin.workflow.impl (Maven) Sep 9, 2025

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed

CVE-2025-55052 was published Sep 9, 2025

In pfSense CE /usr/local/www/snort/snort_ip_reputation.php, the value of the iplist parameter is... Moderate Unreviewed

CVE-2025-34173 was published Sep 9, 2025

In pfSense CE /usr/local/www/status_traffic_totals.php, the value of the start-day parameter is... Moderate Unreviewed

CVE-2025-34174 was published Sep 9, 2025

In pfSense CE /usr/local/www/haproxy/haproxy_stats.php, the value of the showsticktablecontent... Moderate Unreviewed

CVE-2025-34172 was published Sep 9, 2025

In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter... Moderate Unreviewed

CVE-2025-34175 was published Sep 9, 2025

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the... Moderate Unreviewed

CVE-2025-10164 was published Sep 9, 2025

Liferay Portal is vulnerable to XSS attacks via its remote app title field Moderate

CVE-2025-43775 was published for com.liferay:com.liferay.client.extension.web (Maven) Sep 9, 2025

Liferay Portal is vulnerable to XSS attack through its search bar portlet Moderate

CVE-2025-43781 was published for com.liferay:com.liferay.portal.search.web (Maven) Sep 9, 2025

TinyEnv: Inline comments not stripped properly in .env values Moderate

CVE-2025-58759 was published for datahihi1/tiny-env (Composer) Sep 9, 2025

TinyEnv: Missing .env file not required — may cause unexpected behavior Moderate

CVE-2025-58758 was published for datahihi1/tiny-env (Composer) Sep 9, 2025

Element Plus Link component (el-link) implements insufficient input validation for the href attribute Moderate

CVE-2025-57665 was published for element-plus (npm) Sep 9, 2025

A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. This impacts an unknown... Moderate Unreviewed

CVE-2025-5500 was published Sep 9, 2025

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server... Moderate Unreviewed

CVE-2025-9269 was published Sep 9, 2025

Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS allows Accessing... Moderate Unreviewed

CVE-2025-58980 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-58982 was published Sep 9, 2025

Missing Authorization vulnerability in frenify Categorify allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-59005 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-58987 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-58989 was published Sep 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross... Moderate Unreviewed

CVE-2025-58975 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-58988 was published Sep 9, 2025

Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital... Moderate Unreviewed

CVE-2025-58976 was published Sep 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-58990 was published Sep 9, 2025

A stored cross-site scripting (XSS) vulnerability in the HTTP Proxy field within the Datacenter... Moderate Unreviewed

CVE-2025-57538 was published Sep 9, 2025

Previous 1…7…400 Next

Previous 1 2 … 5 6 7 8 9 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

137,139 advisories