Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,828
Maven
5,000+
npm
5,000+
NuGet
942
pip
5,000+
Pub
13
RubyGems
1,060
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS... Moderate Unreviewed
CVE-2026-33603 was published May 12, 2026
xxl-job Jobs Handler remove function allows improper control of resource identifiers via ID parameter Low
CVE-2025-9264 was published for com.xuxueli:xxl-job-admin (Maven) Aug 21, 2025
xxl-job Vulnerable to Resource Injection and Authorization Bypass Through User-Controlled Key Low
CVE-2025-9263 was published for com.xuxueli:xxl-job-admin (Maven) Aug 21, 2025
xxl-job has a Resource Injection issue Low
CVE-2026-7303 was published for com.xuxueli:xxl-job-admin (Maven) Apr 29, 2026
A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is... Moderate Unreviewed
CVE-2026-5414 was published Apr 2, 2026
A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown... Moderate Unreviewed
CVE-2026-5031 was published Mar 29, 2026
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of... Moderate Unreviewed
CVE-2024-0564 was published Jan 30, 2024
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function... Moderate Unreviewed
CVE-2026-3693 was published Mar 8, 2026
A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow... High Unreviewed
CVE-2025-43491 was published Sep 9, 2025
Skuul School Management System has an Insecure Direct Object Reference (IDOR) Vulnerability in View Fee Invoice Low
CVE-2025-12918 was published for yungifez/skuul (Composer) Nov 9, 2025
EverShop is vulnerable to Unauthorized Order Information Access (IDOR) Low
CVE-2025-12919 was published for @evershop/evershop (npm) Nov 9, 2025
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed
CVE-2023-6604 was published Jan 6, 2025
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET... High Unreviewed
CVE-2023-6605 was published Jan 6, 2025
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed
CVE-2023-6601 was published Jan 6, 2025
A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration... Moderate Unreviewed
CVE-2023-6602 was published Dec 31, 2024
A vulnerability was determined in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The... Moderate Unreviewed
CVE-2025-12270 was published Oct 27, 2025
Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations... Moderate Unreviewed
CVE-2024-6051 was published Sep 30, 2024
A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is... Moderate Unreviewed
CVE-2025-9619 was published Aug 29, 2025
A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected... Moderate Unreviewed
CVE-2025-8793 was published Aug 10, 2025
A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus... Low Unreviewed
CVE-2025-6534 was published Jun 26, 2025
A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service... High Unreviewed
CVE-2023-6603 was published Dec 31, 2024
Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP... High Unreviewed
CVE-2025-2410 was published May 22, 2025
A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as... Moderate Unreviewed
CVE-2025-3855 was published Apr 22, 2025
Overview   The product receives input from an upstream component, but it does not restrict... Critical Unreviewed
CVE-2025-0756 was published Apr 17, 2025
A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as... Moderate Unreviewed
CVE-2025-3405 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database