Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,416
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

288,266 advisories

Loading
A command injection remote code execution vulnerability exists in HPE StoreOnce Software. High Unreviewed
CVE-2025-37091 was published Jun 2, 2025
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because... High Unreviewed
CVE-2024-57783 was published Jun 2, 2025
The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect... High Unreviewed
CVE-2025-26396 was published Jun 2, 2025
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted... High Unreviewed
CVE-2024-12168 was published Jun 2, 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd... High Unreviewed
CVE-2025-1246 was published Jun 2, 2025
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's... Moderate Unreviewed
CVE-2024-12747 was published Jan 14, 2025
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive... High Unreviewed
CVE-2024-8176 was published Mar 14, 2025
The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a... Moderate Unreviewed
CVE-2023-0769 was published Jan 16, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does... Low Unreviewed
CVE-2023-2252 was published Jan 16, 2024
A vulnerability, which was classified as critical, has been found in Linksys RE6500, RE6250,... Moderate Unreviewed
CVE-2025-5442 was published Jun 2, 2025
A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350,... Moderate Unreviewed
CVE-2025-5441 was published Jun 2, 2025
A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to... High Unreviewed
CVE-2025-46807 was published Jun 2, 2025
An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama... Critical Unreviewed
CVE-2025-1750 was published Jun 2, 2025
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013... Moderate Unreviewed
CVE-2025-5439 was published Jun 2, 2025
A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350,... Moderate Unreviewed
CVE-2025-5440 was published Jun 2, 2025
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected... Moderate Unreviewed
CVE-2025-5437 was published Jun 2, 2025
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly... Moderate Unreviewed
CVE-2025-0325 was published Jun 2, 2025
The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary... High Unreviewed
CVE-2025-5113 was published Jun 2, 2025
A vulnerability was found in Marwal Infotech CMS 1.0. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5435 was published Jun 2, 2025
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in... High Unreviewed
CVE-2025-5455 was published Jun 2, 2025
The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by... High Unreviewed
CVE-2025-4010 was published Jun 2, 2025
A low privileged attacker can set the date of the devices to the 19th of January 2038 an... Moderate Unreviewed
CVE-2025-1235 was published Jun 2, 2025
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013... Moderate Unreviewed
CVE-2025-5438 was published Jun 2, 2025
A vulnerability was found in Multilaser Sirius RE016 MLT1.0. It has been rated as problematic.... Moderate Unreviewed
CVE-2025-5436 was published Jun 2, 2025
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a... High Unreviewed
CVE-2025-0358 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database