GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,408 advisories
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability....
Moderate | Unreviewed | CVE-2025-52620 was published Aug 16, 2025
A vulnerability has been found in the MSoft MFlash application that allows execution of...
Critical | Unreviewed | CVE-2025-9060 was published Aug 15, 2025
The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all...
Moderate | Unreviewed | CVE-2025-7507 was published Aug 15, 2025
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
High | Unreviewed | CVE-2025-20148 was published Aug 14, 2025
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection. This...
Critical | Unreviewed | CVE-2025-8876 was published Aug 14, 2025
A security issue exists within Studio 5000 Logix Designer due to unsafe handling of environment...
High | Unreviewed | CVE-2025-7971 was published Aug 14, 2025
A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is...
Moderate | Unreviewed | CVE-2025-8963 was published Aug 14, 2025
Loading arbitrary external URLs through WebView components introduces malicious JS code that can...
High | Unreviewed | CVE-2025-27388 was published Aug 14, 2025
UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and...
High | Unreviewed | CVE-2025-4276 was published Aug 13, 2025
Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute...
High | Unreviewed | CVE-2025-4277 was published Aug 13, 2025
A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local...
High | Unreviewed | CVE-2025-4410 was published Aug 13, 2025
Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform...
Moderate | Unreviewed | CVE-2025-25005 was published Aug 12, 2025
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and...
High | Unreviewed | CVE-2025-49554 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet...
High | Unreviewed | CVE-2025-24486 was published Aug 12, 2025
Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an...
Low | Unreviewed | CVE-2025-32004 was published Aug 12, 2025
Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R)...
Moderate | Unreviewed | CVE-2025-27537 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet...
Critical | Unreviewed | CVE-2025-24325 was published Aug 12, 2025
Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may...
Moderate | Unreviewed | CVE-2025-24296 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet...
High | Unreviewed | CVE-2025-24484 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet...
Moderate | Unreviewed | CVE-2025-21086 was published Aug 12, 2025
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2)....
Critical | Unreviewed | CVE-2025-40746 was published Aug 12, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker to cause DoS through improper input.
Low | Unreviewed | CVE-2025-25212 was published Aug 11, 2025
Apache CXF: Untrusted JMS configuration can lead to RCE
Moderate | CVE-2025-48913 was published for org.apache.cxf:cxf-rt-transports-jms (Maven) Aug 8, 2025
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This...
Low | Unreviewed | CVE-2025-8708 was published Aug 8, 2025
uv allows ZIP payload obfuscation through parsing differentials
Moderate | CVE-2025-54368 was published for uv (pip) Aug 7, 2025