Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,441
Maven
5,000+
npm
4,060
NuGet
723
pip
3,853
Pub
12
RubyGems
941
Rust
1,007
Swift
38
Unreviewed advisories
All unreviewed
5,000+

135,139 advisories

Loading
Oak Server has ReDoS in x-forwarded-proto and x-forwarded-for headers Moderate
CVE-2025-55152 was published for @oakserver/oak (npm) Aug 12, 2025
dellalibera
Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery Moderate
CVE-2025-4655 was published for com.liferay.portal:release.dxp.bom (Maven) Aug 9, 2025
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-54463 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-54458 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-53910 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-53514 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-8285 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-48731 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-44001 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check Moderate
CVE-2025-55159 was published for slab (Rust) Aug 11, 2025
mox692
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the... Moderate Unreviewed
CVE-2025-47183 was published Aug 7, 2025
libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper... Moderate Unreviewed
CVE-2025-51823 was published Aug 11, 2025
libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart... Moderate Unreviewed
CVE-2025-51824 was published Aug 11, 2025
Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A... Moderate Unreviewed
CVE-2025-25229 was published Aug 11, 2025
A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly... Moderate Unreviewed
CVE-2025-8661 was published Aug 11, 2025
An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through... Moderate Unreviewed
CVE-2025-7458 was published Jul 29, 2025
Bagist Cross-site Scripting vulnerability Moderate
CVE-2024-27499 was published for bagisto/bagisto (Composer) Mar 1, 2024
Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue... Moderate Unreviewed
CVE-2024-56213 was published Dec 31, 2024
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster... Moderate Unreviewed
CVE-2025-8866 was published Aug 11, 2025
Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery Moderate
CVE-2025-4581 was published for com.liferay.portal:release.dxp.bom (Maven) Aug 9, 2025
The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks Moderate
CVE-2019-10219 was published for org.hibernate.validator:hibernate-validator (Maven) Jan 8, 2020
SunBK201 poc-effectiveness
Issue of buffer overflow caused by insufficient data verification in the kernel acceleration... Moderate Unreviewed
CVE-2025-54641 was published Aug 6, 2025
The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when... Moderate Unreviewed
CVE-2025-7965 was published Aug 11, 2025
The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null... Moderate Unreviewed
CVE-2025-8865 was published Aug 11, 2025
A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-8859 was published Aug 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database