GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,856
Erlang: 36
GitHub Actions: 36
Go: 2,489
Maven: 5,000+
npm: 4,105
NuGet: 735
pip: 3,927
Pub: 12
RubyGems: 945
Rust: 1,017
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
126,345 advisories
Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP...
Moderate | Unreviewed | CVE-2025-42925 was published Sep 9, 2025
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated...
Moderate | Unreviewed | CVE-2025-42923 was published Sep 9, 2025
SAP Business Planning and Consolidation allows an authenticated standard user to call a function...
Moderate | Unreviewed | CVE-2025-42930 was published Sep 9, 2025
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an...
Moderate | Unreviewed | CVE-2025-42938 was published Sep 9, 2025
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is...
Moderate | Unreviewed | CVE-2025-10123 was published Sep 9, 2025
SAP NetWeaver Application Server Java does not perform an authentication check when an attacker...
Moderate | Unreviewed | CVE-2025-42926 was published Sep 9, 2025
A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file...
Moderate | Unreviewed | CVE-2025-10122 was published Sep 9, 2025
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and...
Moderate | Unreviewed | CVE-2025-43778 was published Sep 9, 2025
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0...
Moderate | Unreviewed | CVE-2025-43777 was published Sep 9, 2025
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring...
Moderate | Unreviewed | CVE-2025-10118 was published Sep 9, 2025
A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an...
Moderate | Unreviewed | CVE-2025-10117 was published Sep 9, 2025
A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin...
Moderate | Unreviewed | CVE-2025-10121 was published Sep 9, 2025
A vulnerability was determined in SiempreCMS up to 1.3.6. This affects an unknown part of the...
Moderate | Unreviewed | CVE-2025-10115 was published Sep 9, 2025
Fiori app Manage Payment Blocks does not perform the necessary authorization checks, allowing an...
Moderate | Unreviewed | CVE-2025-42915 was published Sep 9, 2025
SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled...
Moderate | Unreviewed | CVE-2025-42911 was published Sep 9, 2025
A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code...
Moderate | Unreviewed | CVE-2025-10116 was published Sep 9, 2025
SAP NetWeaver Application Server for ABAP allows authenticated users with access to background...
Moderate | Unreviewed | CVE-2025-42918 was published Sep 9, 2025
SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks...
Moderate | Unreviewed | CVE-2025-42917 was published Sep 9, 2025
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an...
Moderate | Unreviewed | CVE-2025-42920 was published Sep 9, 2025
SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an...
Moderate | Unreviewed | CVE-2025-42912 was published Sep 9, 2025
A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown...
Moderate | Unreviewed | CVE-2025-10114 was published Sep 9, 2025
A weakness has been identified in itsourcecode Student Information Management System 1.0. The...
Moderate | Unreviewed | CVE-2025-10112 was published Sep 9, 2025
A vulnerability was determined in Campcodes Online Loan Management System 1.0. This issue affects...
Moderate | Unreviewed | CVE-2025-10109 was published Sep 9, 2025
IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2025-1761 was published Sep 9, 2025
A server-side request forgery (SSRF) vulnerability exists in the Liferay Portal 7.4.0 through 7.4...
Moderate | Unreviewed | CVE-2025-43763 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API.