Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

11,014 advisories

Loading
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits... Low Unreviewed
CVE-2025-62643 was published Oct 17, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-62653 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-62654 was published Oct 18, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Low Unreviewed
CVE-2025-62655 was published Oct 18, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link... Low Unreviewed
CVE-2024-57898 was published Jan 15, 2025
radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init. Low Unreviewed
CVE-2025-60360 was published Oct 17, 2025
radare2 v5.9.8 and before contains a memory leak in the function bochs_open. Low Unreviewed
CVE-2025-60361 was published Oct 17, 2025
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to... Low Unreviewed
CVE-2025-11896 was published Oct 17, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Low Unreviewed
CVE-2025-23073 was published Jan 14, 2025
CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version... Low Unreviewed
CVE-2025-54087 was published Oct 2, 2025
A vulnerability has been identified in the libarchive library, specifically within the... Low Unreviewed
CVE-2025-5914 was published Jun 9, 2025
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func... Low Unreviewed
CVE-2025-11731 was published Oct 14, 2025
Applications using affected versions of Ehcache 3.x can experience degraded cache-write... Low Unreviewed
CVE-2025-2529 was published Oct 15, 2025
Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful... Low Unreviewed
CVE-2025-56746 was published Oct 15, 2025
An improper certificate validation vulnerability was reported in the Lenovo Universal Device... Low Unreviewed
CVE-2025-6026 was published Oct 15, 2025
Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site (... Low Unreviewed
CVE-2025-54196 was published Oct 15, 2025
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized... Low Unreviewed
CVE-2025-59284 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an... Low Unreviewed
CVE-2025-59294 was published Oct 14, 2025
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform... Low Unreviewed
CVE-2025-59280 was published Oct 14, 2025
An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3... Low Unreviewed
CVE-2025-58903 was published Oct 14, 2025
An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in FortiOS 7.6.0 through 7.6.2, 7... Low Unreviewed
CVE-2025-47890 was published Oct 14, 2025
An Insertion of Sensitive Information into Log File vulnerability [CWE-532] in FortiOS 7.6.0... Low Unreviewed
CVE-2025-31514 was published Oct 14, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-5532 was published Oct 28, 2024
The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a... Low Unreviewed
CVE-2025-8594 was published Oct 14, 2025
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an... Low Unreviewed
CVE-2025-42909 was published Oct 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database