Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,849 advisories

Loading
The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe... Critical Unreviewed
CVE-2025-51092 was published Aug 22, 2025
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau... Critical Unreviewed
CVE-2025-26496 was published Aug 22, 2025
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior... Critical Unreviewed
CVE-2025-4609 was published Aug 22, 2025
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user... Critical Unreviewed
CVE-2022-45134 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to... Critical Unreviewed
CVE-2024-53496 was published Aug 22, 2025
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated... Critical Unreviewed
CVE-2024-52786 was published Aug 22, 2025
Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function... Critical Unreviewed
CVE-2025-55613 was published Aug 22, 2025
The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute... Critical Unreviewed
CVE-2025-57105 was published Aug 22, 2025
Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API. Critical Unreviewed
CVE-2024-53499 was published Aug 22, 2025
An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-52095 was published Aug 22, 2025
zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can... Critical Unreviewed
CVE-2024-50644 was published Aug 22, 2025
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and... Critical Unreviewed
CVE-2025-55619 was published Aug 22, 2025
An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In... Critical Unreviewed
CVE-2025-55398 was published Aug 22, 2025
In mupen64plus v2.6.0 there is an array overflow vulnerability in the write_rdram_regs and... Critical Unreviewed
CVE-2025-29366 was published Aug 22, 2025
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READ_STRING_SYSCALL. Critical Unreviewed
CVE-2025-29365 was published Aug 22, 2025
UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in... Critical Unreviewed
CVE-2009-10006 was published Aug 22, 2025
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-9254 was published Aug 22, 2025
Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a... Critical Unreviewed
CVE-2010-20115 was published Aug 21, 2025
Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer... Critical Unreviewed
CVE-2010-20122 was published Aug 21, 2025
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its... Critical Unreviewed
CVE-2010-20113 was published Aug 21, 2025
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate... Critical Unreviewed
CVE-2025-53795 was published Aug 21, 2025
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by... Critical Unreviewed
CVE-2010-20112 was published Aug 21, 2025
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS... Critical Unreviewed
CVE-2025-3128 was published Aug 21, 2025
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-53763 was published Aug 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database