Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,805 advisories

Loading
The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-8359 was published Sep 6, 2025
internetarchive Vulnerable to Directory Traversal in File.download() Critical
CVE-2025-58438 was published for internetarchive (pip) Sep 5, 2025
pengowray
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default... Critical Unreviewed
CVE-2025-35451 was published Sep 5, 2025
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials... Critical Unreviewed
CVE-2025-35452 was published Sep 5, 2025
Deserialization of Untrusted Data vulnerability in ExpressTech Systems Quiz And Survey Master... Critical Unreviewed
CVE-2025-49401 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-58628 was published Sep 5, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed
CVE-2025-58819 was published Sep 5, 2025
TkEasyGUI Vulnerable to OS Command Injection Critical
CVE-2025-55037 was published for TkEasyGUI (pip) Sep 5, 2025
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore... Critical Unreviewed
CVE-2025-53690 was published Sep 5, 2025
Azure Entra Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55241 was published Sep 5, 2025
Azure Bot Service Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55244 was published Sep 5, 2025
Azure Networking Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-54914 was published Sep 5, 2025
In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates... Critical Unreviewed
CVE-2025-48581 was published Sep 4, 2025
Argo CD's Project API Token Exposes Repository Credentials Critical
CVE-2025-55190 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 4, 2025
ntammineni5 34fathombelow
alexmt crenshaw-dev svghadi
Pixar OpenUSD Sdf_PathNode Module Use-After-Free Vulnerability Leading to Potential Remote Code Execution Critical
GHSA-58p5-r2f6-g2cj was published for usd-core (pip) Sep 4, 2025
bshyuunn
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL... Critical Unreviewed
CVE-2025-7385 was published Sep 4, 2025
N/A Critical Unreviewed
CVE-2025-36904 was published Sep 4, 2025
Elevation of Privilege Critical Unreviewed
CVE-2025-36890 was published Sep 4, 2025
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing... Critical Unreviewed
CVE-2025-36897 was published Sep 4, 2025
N/A Critical Unreviewed
CVE-2025-36896 was published Sep 4, 2025
DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more Critical
CVE-2025-58367 was published for deepdiff (pip) Sep 3, 2025
diogotcorreia
XWiki configuration files can be accessed through jsx and sx endpoints Critical
CVE-2025-55748 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Sep 3, 2025
XWiki configuration files can be accessed through the webjars API Critical
CVE-2025-55747 was published for org.xwiki.platform:xwiki-platform-webjars-api (Maven) Sep 3, 2025
An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker... Critical Unreviewed
CVE-2025-26210 was published Sep 3, 2025
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability... Critical Unreviewed
CVE-2025-53693 was published Sep 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database