Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,660
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,504 advisories

Loading
File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency Critical
GHSA-6jqf-mv7m-3q7p was published for github.com/filebrowser/filebrowser/v2 (Go) Nov 13, 2025
Francesco-Bellomi hacdias
Credited to Francesco-Bellomi and hacdias
An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e... Critical Unreviewed
CVE-2025-34068 was published Jul 15, 2025
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed
CVE-2025-64280 was published Nov 12, 2025
A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi... Critical Unreviewed
CVE-2025-63353 was published Nov 12, 2025
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows for... Critical Unreviewed
CVE-2024-2005 was published Mar 6, 2024
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to... Critical Unreviewed
CVE-2025-63289 was published Nov 12, 2025
Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password... Critical Unreviewed
CVE-2025-63666 was published Nov 12, 2025
free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an... Critical Unreviewed
CVE-2025-63679 was published Nov 12, 2025
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed
CVE-2025-64281 was published Nov 12, 2025
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0... Critical Unreviewed
CVE-2025-56385 was published Nov 12, 2025
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR... Critical Unreviewed
CVE-2017-20210 was published Nov 11, 2025
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This... Critical Unreviewed
CVE-2025-13023 was published Nov 11, 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <... Critical Unreviewed
CVE-2025-13024 was published Nov 11, 2025
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects... Critical Unreviewed
CVE-2025-13022 was published Nov 11, 2025
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects... Critical Unreviewed
CVE-2025-13021 was published Nov 11, 2025
pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode Critical
CVE-2025-12762 was published for pgadmin4 (pip) Nov 13, 2025
jonbally
Credited to jonbally
@react-native-community/cli has arbitrary OS command injection Critical
CVE-2025-11953 was published for @react-native-community/cli (npm) Nov 3, 2025
Malayke cylewaitforit
liamjones conorfitch
Credited to Malayke, cylewaitforit, liamjones, and conorfitch
Milvus Proxy has a Critical Authentication Bypass Vulnerability Critical
CVE-2025-64513 was published for github.com/milvus-io/milvus (Go) Nov 13, 2025
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated... Critical Unreviewed
CVE-2025-9242 was published Sep 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in hogash Kallyas kallyas.This... Critical Unreviewed
CVE-2025-62016 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king... Critical Unreviewed
CVE-2025-6325 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration... Critical Unreviewed
CVE-2025-60195 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for... Critical Unreviewed
CVE-2025-62065 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case... Critical Unreviewed
CVE-2025-62047 was published Nov 6, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search &... Critical Unreviewed
CVE-2025-62064 was published Nov 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database