GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,356
NuGet
765
pip
4,120
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
134,500 advisories
Filter by severity
A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in...
Moderate
Unreviewed
CVE-2025-66388
was published
Dec 15, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-43497
was published
Dec 12, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-43351
was published
Dec 12, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in...
Moderate
Unreviewed
CVE-2025-43393
was published
Dec 12, 2025
In the Linux kernel, the following vulnerability has been resolved:
fs/aio: Check IOCB_AIO_RW...
Moderate
Unreviewed
CVE-2024-35815
was published
May 17, 2024
A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This...
Moderate
Unreviewed
CVE-2022-4455
was published
Dec 13, 2022
In the Linux kernel, the following vulnerability has been resolved:
mmc: core: Avoid negative...
Moderate
Unreviewed
CVE-2024-35813
was published
May 17, 2024
Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program'...
Moderate
Unreviewed
CVE-2023-53886
was published
Dec 15, 2025
A vulnerability was determined in vion707 DMadmin up to 3403cafdb42537a648c30bf8cbc8148ec60437d1....
Moderate
Unreviewed
CVE-2025-14722
was published
Dec 15, 2025
Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows...
Moderate
Unreviewed
CVE-2023-53878
was published
Dec 15, 2025
Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate
Unreviewed
CVE-2023-53891
was published
Dec 15, 2025
Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated...
Moderate
Unreviewed
CVE-2023-53880
was published
Dec 15, 2025
JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL...
Moderate
Unreviewed
CVE-2023-53882
was published
Dec 15, 2025
NVClient 5.0 contains a stack buffer overflow vulnerability in the user configuration contact...
Moderate
Unreviewed
CVE-2023-53879
was published
Dec 15, 2025
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to...
Moderate
Unreviewed
CVE-2023-53887
was published
Dec 15, 2025
GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name...
Moderate
Unreviewed
CVE-2023-53874
was published
Dec 15, 2025
Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter...
Moderate
Unreviewed
CVE-2023-53870
was published
Dec 15, 2025
Webedition CMS v2.9.8.8 contains a stored cross-site scripting vulnerability that allows...
Moderate
Unreviewed
CVE-2023-53884
was published
Dec 15, 2025
Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload...
Moderate
Unreviewed
CVE-2023-53876
was published
Dec 15, 2025
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in...
Moderate
Unreviewed
CVE-2023-53893
was published
Dec 15, 2025
Perch CMS 3.2 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate
Unreviewed
CVE-2023-53890
was published
Dec 15, 2025
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 Deploy transmits data in clear text that could...
Moderate
Unreviewed
CVE-2025-13489
was published
Dec 15, 2025
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML...
Moderate
Unreviewed
CVE-2023-53871
was published
Dec 15, 2025
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM...
Moderate
Unreviewed
CVE-2025-14148
was published
Dec 15, 2025
The Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android 6.0...
Moderate
Unreviewed
CVE-2025-65835
was published
Dec 15, 2025
ProTip!
Advisories are also available from the
GraphQL API