Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,142 advisories

Loading
Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS allows Accessing... Moderate Unreviewed
CVE-2025-58980 was published Sep 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58982 was published Sep 9, 2025
Missing Authorization vulnerability in frenify Categorify allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-59005 was published Sep 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58987 was published Sep 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58989 was published Sep 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross... Moderate Unreviewed
CVE-2025-58975 was published Sep 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58988 was published Sep 9, 2025
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital... Moderate Unreviewed
CVE-2025-58976 was published Sep 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-58990 was published Sep 9, 2025
A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5... Moderate Unreviewed
CVE-2025-5005 was published Sep 9, 2025
A stored cross-site scripting (XSS) vulnerability exists in the WebAuthn Relying Party field... Moderate Unreviewed
CVE-2025-57540 was published Sep 9, 2025
A stored cross-site scripting (XSS) vulnerability in the U2F Origin field of the Datacenter... Moderate Unreviewed
CVE-2025-57539 was published Sep 9, 2025
A stored cross-site scripting (XSS) vulnerability in the HTTP Proxy field within the Datacenter... Moderate Unreviewed
CVE-2025-57538 was published Sep 9, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... Moderate Unreviewed
CVE-2025-55226 was published Sep 9, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed
CVE-2025-55225 was published Sep 9, 2025
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a... Moderate Unreviewed
CVE-2025-54917 was published Sep 9, 2025
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall... Moderate Unreviewed
CVE-2025-54915 was published Sep 9, 2025
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose... Moderate Unreviewed
CVE-2025-54901 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Incorrect Authorization... Moderate Unreviewed
CVE-2025-54246 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input... Moderate Unreviewed
CVE-2025-54247 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input... Moderate Unreviewed
CVE-2025-54250 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-54252 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection... Moderate Unreviewed
CVE-2025-54251 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request... Moderate Unreviewed
CVE-2025-54249 was published Sep 9, 2025
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-54107 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database