GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,667
Maven: 5,000+
npm: 4,295
NuGet: 760
pip: 4,073
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
132,505 advisories

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to...
Moderate | Unreviewed | CVE-2025-64660 was published Nov 21, 2025

IBM Concert 1.0.0 through 2.0.0 is vulnerable to cross-site scripting. This vulnerability allows...
Moderate | Unreviewed | CVE-2025-36153 was published Nov 21, 2025

IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other...
Moderate | Unreviewed | CVE-2025-36159 was published Nov 21, 2025

IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response...
Moderate | Unreviewed | CVE-2025-36160 was published Nov 21, 2025

IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain...
Moderate | Unreviewed | CVE-2025-36158 was published Nov 21, 2025

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0....
Moderate | Unreviewed | CVE-2025-13484 was published Nov 21, 2025

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue...
Moderate | Unreviewed | CVE-2025-13485 was published Nov 21, 2025

Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a...
Moderate | Unreviewed | CVE-2025-48987 was published Nov 20, 2025

Debug information disclosure in the SQL error message in Revive Adserver 5.5.2 and 6.0.1 and...
Moderate | Unreviewed | CVE-2025-52671 was published Nov 20, 2025

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless...
Moderate | Unreviewed | CVE-2025-25613 was published Nov 20, 2025

Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the...
Moderate | Unreviewed | CVE-2025-55124 was published Nov 20, 2025

Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and...
Moderate | Unreviewed | CVE-2025-52669 was published Nov 20, 2025

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an improper neutralization of...
Moderate | Unreviewed | CVE-2025-55127 was published Nov 20, 2025

Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability...
Moderate | Unreviewed | CVE-2025-35029 was published Nov 20, 2025

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an uncontrolled resource...
Moderate | Unreviewed | CVE-2025-55128 was published Nov 20, 2025

HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability...
Moderate | Unreviewed | CVE-2025-55126 was published Nov 20, 2025

Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2.2.0 allowing attackers to...
Moderate | Unreviewed | CVE-2025-63848 was published Nov 20, 2025

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24...
Moderate | Unreviewed | CVE-2025-63888 was published Nov 20, 2025

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the...
Moderate | Unreviewed | CVE-2025-52410 was published Nov 20, 2025

SOPlanning is vulnerable to Stored XSS in /feries endpoint. Malicious attacker with access to...
Moderate | Unreviewed | CVE-2025-62731 was published Nov 20, 2025

SOPlanning is vulnerable to Stored XSS in /groupe_form endpoint. Malicious attacker with medium...
Moderate | Unreviewed | CVE-2025-62295 was published Nov 20, 2025

SOPlanning is vulnerable to Stored XSS in /status endpoint. Malicious attacker with an account...
Moderate | Unreviewed | CVE-2025-62729 was published Nov 20, 2025

SOPlanning is vulnerable to Stored XSS in /taches endpoint. Malicious attacker with medium...
Moderate | Unreviewed | CVE-2025-62296 was published Nov 20, 2025

SOPlanning is vulnerable to Broken Access Control in /status endpoint. Due to lack of permission...
Moderate | Unreviewed | CVE-2025-62293 was published Nov 20, 2025

SOPlanning is vulnerable to Stored XSS in /projets endpoint. Malicious attacker with medium...
Moderate | Unreviewed | CVE-2025-62297 was published Nov 20, 2025

ProTip! Advisories are also available from the GraphQL API