Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

267,478 advisories

Loading
A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This... Moderate Unreviewed
CVE-2025-0751 was published Jan 27, 2025
A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio... Moderate Unreviewed
CVE-2024-12960 was published Dec 26, 2024
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... High Unreviewed
CVE-2024-41335 was published Feb 27, 2025
An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8,... High Unreviewed
CVE-2024-41340 was published Feb 27, 2025
Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php. Moderate Unreviewed
CVE-2025-25514 was published Feb 26, 2025
Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and... Critical Unreviewed
CVE-2024-51138 was published Feb 27, 2025
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0870 was published Jan 30, 2025
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This... Moderate Unreviewed
CVE-2025-0753 was published Jan 27, 2025
A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with... Unknown Unreviewed
CVE-2025-25476 was published Mar 1, 2025
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code. Unknown Unreviewed
CVE-2025-25723 was published Mar 1, 2025
The account file upload functionality in Syspass 3.2.x fails to properly handle special... Unknown Unreviewed
CVE-2025-25478 was published Mar 1, 2025
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong... Moderate Unreviewed
CVE-2025-26466 was published Mar 1, 2025
Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is... High Unreviewed
CVE-2024-1509 was published Mar 1, 2025
Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute... Unknown Unreviewed
CVE-2025-25379 was published Mar 1, 2025
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the... Moderate Unreviewed
CVE-2025-25429 was published Feb 28, 2025
Formwork improperly validates input of User role preventing site and panel availability High
GHSA-c85w-x26q-ch87 was published for getformwork/formwork (Composer) Mar 1, 2025
Kyokito1412
Formwork has a cross-site scripting (XSS) vulnerability in Site title Moderate
GHSA-vf6x-59hh-332f was published for getformwork/formwork (Composer) Mar 1, 2025
Kyokito1412
NuGet Elevation of Privilege Vulnerability High
CVE-2022-41032 was published for NuGet.CommandLine (NuGet) Oct 11, 2022
kartheekp-ms JarLob
Potential leak of NuGet.org API key Moderate
CVE-2022-30184 was published for NuGet.CommandLine (NuGet) Jun 14, 2022
JarLob
A vulnerability classified as critical has been found in SourceCodester Best Employee Management... Moderate Unreviewed
CVE-2025-1593 was published Feb 23, 2025
A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1... Moderate Unreviewed
CVE-2025-1583 was published Feb 23, 2025
A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as... Moderate Unreviewed
CVE-2025-1588 was published Feb 23, 2025
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed
CVE-2025-1598 was published Feb 24, 2025
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated... Critical Unreviewed
CVE-2025-0364 was published Feb 4, 2025
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer... High Unreviewed
CVE-2024-57943 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database