GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
125,465 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-62093 was published Dec 9, 2025
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials...
High | Unreviewed | CVE-2025-42876 was published Dec 9, 2025
An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.
High | Unreviewed | CVE-2025-59030 was published Dec 9, 2025
Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order...
High | Unreviewed | CVE-2025-5469 was published Dec 9, 2025
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order...
High | Unreviewed | CVE-2025-5470 was published Dec 9, 2025
An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick...
High | Unreviewed | CVE-2025-41749 was published Dec 9, 2025
SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for...
High | Unreviewed | CVE-2025-42878 was published Dec 9, 2025
An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41747 was published Dec 9, 2025
SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high...
High | Unreviewed | CVE-2025-42874 was published Dec 9, 2025
An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41751 was published Dec 9, 2025
Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2...
High | Unreviewed | CVE-2025-61075 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS...
High | Unreviewed | CVE-2025-49347 was published Dec 9, 2025
SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an...
High | Unreviewed | CVE-2025-42877 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite...
High | Unreviewed | CVE-2025-49341 was published Dec 9, 2025
Affected products do not properly enforce TCP sequence number validation in specific scenarios...
High | Unreviewed | CVE-2025-40820 was published Dec 9, 2025
An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick...
High | Unreviewed | CVE-2025-41695 was published Dec 9, 2025
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The...
High | Unreviewed | CVE-2025-40831 was published Dec 9, 2025
An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41752 was published Dec 9, 2025
An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41745 was published Dec 9, 2025
An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41750 was published Dec 9, 2025
An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41748 was published Dec 9, 2025
An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to...
High | Unreviewed | CVE-2025-41746 was published Dec 9, 2025
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The...
High | Unreviewed | CVE-2025-40830 was published Dec 9, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected...
High | Unreviewed | CVE-2025-40937 was published Dec 9, 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <...
High | Unreviewed | CVE-2025-14325 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API