GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,751
Composer 4,748
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,605
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 258,021

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

25,821 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function... Critical Unreviewed

CVE-2025-49223 was published Jun 4, 2025

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads... Critical Unreviewed

CVE-2025-23097 was published Jun 3, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Critical Unreviewed

CVE-2025-25022 was published Jun 3, 2025

Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to... Critical Unreviewed

CVE-2025-44148 was published Jun 3, 2025

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result... Critical Unreviewed

CVE-2025-32106 was published Jun 3, 2025

A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an... Critical Unreviewed

CVE-2025-32105 was published Jun 3, 2025

An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed

CVE-2025-45854 was published Jun 3, 2025

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ... Critical Unreviewed

CVE-2024-12718 was published Jun 3, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter... Critical Unreviewed

CVE-2025-4517 was published Jun 3, 2025

The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2025-4797 was published Jun 3, 2025

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length... Critical Unreviewed

CVE-2025-23099 was published Jun 2, 2025

A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020... Critical Unreviewed

CVE-2025-5086 was published Jun 2, 2025

An authentication bypass vulnerability exists in HPE StoreOnce Software. Critical Unreviewed

CVE-2025-37093 was published Jun 2, 2025

An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama... Critical Unreviewed

CVE-2025-1750 was published Jun 2, 2025

The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower... Critical Unreviewed

CVE-2025-0324 was published Jun 2, 2025

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by... Critical Unreviewed

CVE-2025-49113 was published Jun 2, 2025

In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check.... Critical Unreviewed

CVE-2025-20672 was published Jun 2, 2025

In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission... Critical Unreviewed

CVE-2025-20674 was published Jun 2, 2025

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL... Critical Unreviewed

CVE-2025-5408 was published Jun 2, 2025

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified Critical Unreviewed

CVE-2025-40908 was published Jun 1, 2025

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation... Critical Unreviewed

CVE-2025-4607 was published May 31, 2025

The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing... Critical Unreviewed

CVE-2025-4631 was published May 31, 2025

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If... Critical Unreviewed

CVE-2025-2500 was published May 30, 2025

An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote... Critical Unreviewed

CVE-2025-48757 was published May 30, 2025

Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi... Critical Unreviewed

CVE-2025-44619 was published May 30, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,821 advisories