GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
293,647 advisories
A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap...
High | Unreviewed | CVE-2025-8894 was published Sep 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 -...
Critical | Unreviewed | CVE-2024-13149 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the...
Unknown | Unreviewed | CVE-2025-39829 was published Sep 16, 2025

code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the...
Unknown | Unreviewed | CVE-2025-56276 was published Sep 16, 2025

In Frappe ERPNext v15.57.5, the function get_stock_balance() at erpnext/stock/utils.py is...
Unknown | Unreviewed | CVE-2025-52044 was published Sep 16, 2025

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse'...
Low | Unreviewed | CVE-2025-59270 was published Sep 16, 2025

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification...
Critical | Unreviewed | CVE-2025-41243 was published Sep 16, 2025

code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload...
Unknown | Unreviewed | CVE-2025-56295 was published Sep 16, 2025

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2025-8893 was published Sep 16, 2025

Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially...
Critical | Unreviewed | CVE-2009-20007 was published Sep 16, 2025

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource...
Moderate | Unreviewed | CVE-2025-8057 was published Sep 16, 2025

code-projects Document Management System 1.0 has a Cross Site Scripting (XSS) vulnerability,...
Unknown | Unreviewed | CVE-2025-56289 was published Sep 16, 2025

A cross-site scripting (XSS) vulnerability exists in the search-autootaxi.php endpoint of the...
Unknown | Unreviewed | CVE-2025-57145 was published Sep 16, 2025

The Spring Framework annotation detection mechanism may not correctly resolve annotations on...
High | Unreviewed | CVE-2025-41249 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of...
Unknown | Unreviewed | CVE-2023-53298 was published Sep 16, 2025

The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the...
Low | Unreviewed | CVE-2025-10316 was published Sep 16, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-6575 was published Sep 16, 2025

The Sparkle framework includes a helper tool Autoupdate. Due to lack of authentication of...
High | Unreviewed | CVE-2025-10016 was published Sep 16, 2025

This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird...
Unknown | Unreviewed | CVE-2025-10528 was published Sep 16, 2025

This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird...
High | Unreviewed | CVE-2025-10527 was published Sep 16, 2025

Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows...
Critical | Unreviewed | CVE-2025-7743 was published Sep 16, 2025

This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird ...
High | Unreviewed | CVE-2025-10533 was published Sep 16, 2025

This vulnerability affects Firefox < 143 and Thunderbird < 143.
Unknown | Unreviewed | CVE-2025-10531 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix...
Unknown | Unreviewed | CVE-2025-39805 was published Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab...
Unknown | Unreviewed | CVE-2025-39806 was published Sep 16, 2025

ProTip! Advisories are also available from the GraphQL API.