Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,933
Erlang
39
GitHub Actions
38
Go
2,595
Maven
5,000+
npm
4,247
NuGet
754
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

112,960 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2025-10914 was published Oct 23, 2025
NarSuS App registers a Windows service with an unquoted file path. A user with the write... High Unreviewed
CVE-2025-61865 was published Oct 23, 2025
Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows... High Unreviewed
CVE-2025-11575 was published Oct 23, 2025
binary_vec_io access memory out-of-bounds in binary_read_to_ref and binary_write_from_ref High
GHSA-wwxp-hxh6-8gf8 was published for binary_vec_io (Rust) Oct 22, 2025
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue... High Unreviewed
CVE-2022-49592 was published Oct 22, 2025
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow... High Unreviewed
CVE-2022-49581 was published Oct 22, 2025
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an... High Unreviewed
CVE-2025-40778 was published Oct 22, 2025
Querying for records within a specially crafted zone containing certain malformed DNSKEY records... High Unreviewed
CVE-2025-8677 was published Oct 22, 2025
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is... High Unreviewed
CVE-2025-40780 was published Oct 22, 2025
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and... High Unreviewed
CVE-2025-11957 was published Oct 22, 2025
aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server High
CVE-2025-62611 was published for aiomysql (pip) Oct 22, 2025
KonstantAnxiety
Credited to KonstantAnxiety
Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality High
CVE-2025-62617 was published for admidio/admidio (Composer) Oct 22, 2025
XY20130630
Credited to XY20130630
Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and... High Unreviewed
CVE-2025-60209 was published Oct 22, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... High Unreviewed
CVE-2025-60206 was published Oct 22, 2025
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege... High Unreviewed
CVE-2025-60220 was published Oct 22, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-59566 was published Oct 22, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... High Unreviewed
CVE-2025-60151 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For... High Unreviewed
CVE-2025-59007 was published Oct 22, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in wpdesk ShopMagic shopmagic-for... High Unreviewed
CVE-2025-59578 was published Oct 22, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-58955 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-58921 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in Tijmen Smit WP Store Locator wp-store-locator... High Unreviewed
CVE-2025-52737 was published Oct 22, 2025
Missing Authorization vulnerability in Themefic Hydra Booking hydra-booking allows Exploiting... High Unreviewed
CVE-2025-49377 was published Oct 22, 2025
Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing... High Unreviewed
CVE-2025-49376 was published Oct 22, 2025
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter... High Unreviewed
CVE-2025-49907 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database