GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,315
Maven: 5,000+
npm: 3,949
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

107,917 advisories

Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux...
High | Unreviewed | CVE-2025-4134 was published May 28, 2025

Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability...
High | Unreviewed | CVE-2025-45997 was published May 28, 2025

Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin
High | CVE-2025-5279 was published for redshift-connector (pip) May 28, 2025

Contrast workload secrets leak to logs on INFO level
High | GHSA-h5f8-crrq-4pw8 was published for github.com/edgelesssys/contrast (Go) May 28, 2025

Valtimo backend libraries allow objects in the object-api to be accessed and modified by unauthorized users
High | CVE-2025-48881 was published for com.ritense.valtimo:object-management (Maven) May 28, 2025

LLama-Index CLI OS command injection vulnerability
High | CVE-2025-1753 was published for llama-index-cli (pip) May 28, 2025

The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post'...
High | Unreviewed | CVE-2025-5287 was published May 28, 2025

An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0...
High | Unreviewed | CVE-2025-25251 was published May 28, 2025

Apache InLong: JDBC Vulnerability during verification processing
High | CVE-2025-27522 was published for org.apache.inlong:manager-pojo (Maven) May 28, 2025

The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a...
High | Unreviewed | CVE-2025-4800 was published May 28, 2025

A stack buffer overflow was found in International Components for Unicode (ICU). While running...
High | Unreviewed | CVE-2025-5222 was published May 27, 2025

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to...
High | Unreviewed | CVE-2025-5280 was published May 27, 2025

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows...
High | Unreviewed | CVE-2025-45529 was published May 27, 2025

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker...
High | Unreviewed | CVE-2025-5063 was published May 27, 2025

An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type...
High | Unreviewed | CVE-2024-49196 was published May 27, 2025

There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead...
High | Unreviewed | CVE-2025-27700 was published May 27, 2025

Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking
High | CVE-2025-48383 was published for django-select2 (pip) May 27, 2025

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these...
High | Unreviewed | CVE-2025-48797 was published May 27, 2025

Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence...
High | Unreviewed | CVE-2025-5272 was published May 27, 2025

A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based...
High | Unreviewed | CVE-2025-48796 was published May 27, 2025

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image...
High | Unreviewed | CVE-2025-48798 was published May 27, 2025

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This...
High | Unreviewed | CVE-2025-5270 was published May 27, 2025

The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing...
High | Unreviewed | CVE-2025-5117 was published May 27, 2025

An unauthenticated remote attacker can exploit insufficient input validation to write data beyond...
High | Unreviewed | CVE-2025-41649 was published May 27, 2025

An unauthenticated remote attacker can exploit input validation in cmd services of the devices,...
High | Unreviewed | CVE-2025-41650 was published May 27, 2025

ProTip! Advisories are also available from the GraphQL API.