Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

108,567 advisories

Loading
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending... High Unreviewed
CVE-2025-23172 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform provides an option to upload various types of... High Unreviewed
CVE-2025-23171 was published Jun 19, 2025
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup... High Unreviewed
CVE-2025-24286 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual... High Unreviewed
CVE-2025-23173 was published Jun 19, 2025
Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to... High Unreviewed
CVE-2025-6191 was published Jun 18, 2025
Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to... High Unreviewed
CVE-2025-6192 was published Jun 18, 2025
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
A missing length check in `ogs_pfcp_subnet_add` function from PFCP library, used by both smf and... High Unreviewed
CVE-2025-44952 was published Jun 18, 2025
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... High Unreviewed
CVE-2025-20271 was published Jun 18, 2025
A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf... High Unreviewed
CVE-2025-44951 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to... High Unreviewed
CVE-2025-36048 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external... High Unreviewed
CVE-2025-36049 was published Jun 18, 2025
SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain... High Unreviewed
CVE-2025-46109 was published Jun 18, 2025
Real Estate Management 1.0 is vulnerable to Cross Site Scripting (XSS) in /store/index.php. High Unreviewed
CVE-2025-45786 was published Jun 18, 2025
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-6220 was published Jun 18, 2025
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file... High Unreviewed
CVE-2025-6086 was published Jun 18, 2025
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-4413 was published Jun 18, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds read, which may allow an attacker to... High Unreviewed
CVE-2025-32412 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds write, which may allow an attacker... High Unreviewed
CVE-2025-41413 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to a stack-based buffer overflow, which may allow an... High Unreviewed
CVE-2025-41388 was published Jun 17, 2025
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation... High Unreviewed
CVE-2025-49384 was published Jun 17, 2025
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation... High Unreviewed
CVE-2025-49385 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49214 was published Jun 17, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49215 was published Jun 17, 2025
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an... High Unreviewed
CVE-2025-49211 was published Jun 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database