Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,356
NuGet
765
pip
4,120
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

134,500 advisories

Loading
A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in... Moderate Unreviewed
CVE-2025-66388 was published Dec 15, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43497 was published Dec 12, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43351 was published Dec 12, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-43393 was published Dec 12, 2025
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW... Moderate Unreviewed
CVE-2024-35815 was published May 17, 2024
A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This... Moderate Unreviewed
CVE-2022-4455 was published Dec 13, 2022
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative... Moderate Unreviewed
CVE-2024-35813 was published May 17, 2024
Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program'... Moderate Unreviewed
CVE-2023-53886 was published Dec 15, 2025
A vulnerability was determined in vion707 DMadmin up to 3403cafdb42537a648c30bf8cbc8148ec60437d1.... Moderate Unreviewed
CVE-2025-14722 was published Dec 15, 2025
Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows... Moderate Unreviewed
CVE-2023-53878 was published Dec 15, 2025
Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated... Moderate Unreviewed
CVE-2023-53891 was published Dec 15, 2025
Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated... Moderate Unreviewed
CVE-2023-53880 was published Dec 15, 2025
JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL... Moderate Unreviewed
CVE-2023-53882 was published Dec 15, 2025
NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact... Moderate Unreviewed
CVE-2023-53879 was published Dec 15, 2025
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to... Moderate Unreviewed
CVE-2023-53887 was published Dec 15, 2025
GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name... Moderate Unreviewed
CVE-2023-53874 was published Dec 15, 2025
Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter... Moderate Unreviewed
CVE-2023-53870 was published Dec 15, 2025
Webedition CMS v2.9.8.8 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2023-53884 was published Dec 15, 2025
Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload... Moderate Unreviewed
CVE-2023-53876 was published Dec 15, 2025
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in... Moderate Unreviewed
CVE-2023-53893 was published Dec 15, 2025
Perch CMS 3.2 contains a stored cross-site scripting vulnerability that allows authenticated... Moderate Unreviewed
CVE-2023-53890 was published Dec 15, 2025
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 Deploy transmits data in clear text that could... Moderate Unreviewed
CVE-2025-13489 was published Dec 15, 2025
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML... Moderate Unreviewed
CVE-2023-53871 was published Dec 15, 2025
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM... Moderate Unreviewed
CVE-2025-14148 was published Dec 15, 2025
The Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android 6.0... Moderate Unreviewed
CVE-2025-65835 was published Dec 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database