GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,662
Maven: 5,000+
npm: 4,289
NuGet: 760
pip: 4,069
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
143,386 advisories
A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected...
Moderate | Unreviewed | CVE-2025-13422 was published Nov 20, 2025

A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue...
Moderate | Unreviewed | CVE-2025-13420 was published Nov 20, 2025

A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element...
Moderate | Unreviewed | CVE-2025-13423 was published Nov 20, 2025

A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0....
Moderate | Unreviewed | CVE-2025-13421 was published Nov 20, 2025

A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-13424 was published Nov 20, 2025

A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of...
Moderate | Unreviewed | CVE-2025-13415 was published Nov 20, 2025

golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read
Moderate | CVE-2025-47914 was published for golang.org/x/crypto (Go) Nov 19, 2025

golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumption
Moderate | CVE-2025-58181 was published for golang.org/x/crypto (Go) Nov 19, 2025

A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by...
Moderate | Unreviewed | CVE-2025-13412 was published Nov 19, 2025

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is...
Moderate | Unreviewed | CVE-2025-13410 was published Nov 19, 2025

Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer. This issue affects...
Moderate | Unreviewed | CVE-2025-13147 was published Nov 19, 2025

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this...
Moderate | Unreviewed | CVE-2025-13411 was published Nov 19, 2025

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the...
Moderate | Unreviewed | CVE-2025-36371 was published Nov 19, 2025

esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript
Moderate | CVE-2025-65026 was published for github.com/esm-dev/esm.sh (Go) Nov 19, 2025

Astro Cloudflare adapter has Stored Cross Site Scripting vulnerability in /_image endpoint
Moderate | CVE-2025-65019 was published for astro (npm) Nov 19, 2025

Astro's middleware authentication checks based on url.pathname can be bypassed via url encoded values
Moderate | CVE-2025-64765 was published for astro (npm) Nov 19, 2025

authentik's invitation expiry is delayed by at least 5 minutes
Moderate | CVE-2025-64708 was published for goauthentik.io (Go) Nov 19, 2025

eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an...
Moderate | Unreviewed | CVE-2025-34336 was published Nov 19, 2025

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry®...
Moderate | Unreviewed | CVE-2025-12766 was published Nov 19, 2025

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23...
Moderate | Unreviewed | CVE-2025-34330 was published Nov 19, 2025

The Looker endpoint for generating new projects from database connections allows users to specify...
Moderate | Unreviewed | CVE-2025-12743 was published Nov 19, 2025

A weakness has been identified in code-projects Courier Management System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-13396 was published Nov 19, 2025

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function...
Moderate | Unreviewed | CVE-2025-13397 was published Nov 19, 2025

A reflected cross-site scripted (XSS) vulnerability in the /ecommerce/products.php component of E...
Moderate | Unreviewed | CVE-2025-63879 was published Nov 19, 2025

Github Restaurant Website Restoran v1.0 was discovered to contain a SQL injection vulnerability...
Moderate | Unreviewed | CVE-2025-63878 was published Nov 19, 2025

ProTip! Advisories are also available from the GraphQL API.