GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,933
Erlang: 39
GitHub Actions: 38
Go: 2,595
Maven: 5,000+
npm: 4,247
NuGet: 754
pip: 4,013
Pub: 12
RubyGems: 953
Rust: 1,048
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

140,632 advisories

Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful...
Moderate, Unreviewed. CVE-2025-47709 was published May 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2025-47703 was published May 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2025-47704 was published May 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2025-47705 was published May 14, 2025

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery ...
Moderate, Unreviewed. CVE-2025-44186 was published May 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2025-47702 was published May 14, 2025

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS)...
Moderate, Unreviewed. CVE-2025-44184 was published May 14, 2025

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos...
Moderate, Unreviewed. CVE-2025-26784 was published May 14, 2025

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to...
Moderate, Unreviewed. CVE-2025-3909 was published May 14, 2025

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to...
Moderate, Unreviewed. CVE-2024-57273 was published May 14, 2025

Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in...
Moderate, Unreviewed. CVE-2025-47436 was published May 14, 2025

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to...
Moderate, Unreviewed. CVE-2024-54779 was published May 14, 2025

nosurf vulnerable to CSRF due to non-functional same-origin request checks
Moderate. CVE-2025-46721 was published for github.com/justinas/nosurf (Go) May 14, 2025

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is...
Moderate, Unreviewed. CVE-2025-3769 was published May 14, 2025

Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Moderate. CVE-2025-26795 was published for org.apache.iotdb:iotdb-jdbc (Maven) May 14, 2025

Apache IoTDB Discloses Sensitive Information via Log Files
Moderate. CVE-2025-26864 was published for apache-iotdb (Maven) May 14, 2025

The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate, Unreviewed. CVE-2024-8988 was published May 14, 2025

The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
Moderate, Unreviewed. CVE-2024-13940 was published May 14, 2025

The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate, Unreviewed. CVE-2025-4520 was published May 14, 2025

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow...
Moderate, Unreviewed. CVE-2025-47905 was published May 14, 2025

Duplicate Advisory: crossbeam-channel Vulnerable to Double Free on Drop
Moderate. GHSA-w443-5h3j-jqcp was published for crossbeam-channel (Rust) May 14, 2025 • withdrawn

Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before...
Moderate, Unreviewed. CVE-2025-22448 was published May 13, 2025

Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra...
Moderate, Unreviewed. CVE-2025-24495 was published May 13, 2025

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™...
Moderate, Unreviewed. CVE-2025-23233 was published May 13, 2025

Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may...
Moderate, Unreviewed. CVE-2025-22844 was published May 13, 2025

ProTip! Advisories are also available from the GraphQL API