GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
111,275 advisories
CVE-2025-7327 (High, Unreviewed; published Jul 8, 2025): The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all...
CVE-2025-20695 (High, Unreviewed; published Jul 8, 2025): In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead...
CVE-2025-20694 (High, Unreviewed; published Jul 8, 2025): In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead...
CVE-2025-7146 (High, Unreviewed; published Jul 8, 2025): The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing...
CVE-2025-42953 (High, Unreviewed; published Jul 8, 2025): SAP Netweaver System Configuration does not perform necessary authorization checks for an...
CVE-2025-42959 (High, Unreviewed; published Jul 8, 2025): An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code ...
CVE-2025-42952 (High, Unreviewed; published Jul 8, 2025): SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to...
CVE-2025-36014 (High, Unreviewed; published Jul 7, 2025): IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a...
CVE-2024-25177 (High, Unreviewed; published Jul 7, 2025): LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of...
CVE-2025-52492 (High, Unreviewed; published Jul 7, 2025): A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The...
CVE-2025-26780 (High, Unreviewed; published Jul 7, 2025): An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400....
CVE-2025-6801 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write...
CVE-2025-6798 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability....
CVE-2025-6805 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion...
CVE-2025-6806 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability. This...
CVE-2025-6799 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure...
CVE-2025-6803 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure...
CVE-2025-6797 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure...
CVE-2025-6796 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability...
CVE-2025-6800 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure...
CVE-2025-6804 (High, Unreviewed; published Jul 7, 2025): Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure...
CVE-2025-6713 (High, Unreviewed; published Jul 7, 2025): An unauthorized user may leverage a specially crafted aggregation pipeline to access data without...
CVE-2025-6714 (High, Unreviewed; published Jul 7, 2025): MongoDB Server's mongos component can become unresponsive to new connections due to incorrect...
CVE-2025-6663 (High, Unreviewed; published Jul 7, 2025): GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability....
CVE-2025-3467 (High, Unreviewed; published Jul 7, 2025): An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting...
ProTip! Advisories are also available from the GraphQL API.