Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,825 advisories

Loading
IPX Allows Path Traversal via Prefix Matching Bypass Moderate
CVE-2025-54387 was published for ipx (npm) Aug 4, 2025
dellalibera
XWiki allows Reflected XSS in two templates Moderate
CVE-2025-32430 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 5, 2025
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6... Moderate Unreviewed
CVE-2025-50340 was published Aug 4, 2025
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3... Moderate Unreviewed
CVE-2025-20151 was published May 7, 2025
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF... Moderate Unreviewed
CVE-2025-47152 was published Aug 5, 2025
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version... Moderate Unreviewed
CVE-2025-27931 was published Aug 5, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46958 was published Aug 5, 2025
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross... Moderate Unreviewed
CVE-2024-52890 was published Aug 5, 2025
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR... Moderate Unreviewed
CVE-2022-20846 was published Nov 15, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed
CVE-2024-20274 was published Oct 23, 2024
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an... Moderate Unreviewed
CVE-2024-39826 was published Jul 15, 2024
FPDI allows Memory Exhaustion (OOM) in PDF Parser which leads to Denial of Service Moderate
CVE-2025-54869 was published for setasign/fpdi (Composer) Aug 5, 2025
N0zoM1z0
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0.... Moderate Unreviewed
CVE-2025-8555 was published Aug 5, 2025
The Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-8294 was published Aug 5, 2025
The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-8295 was published Aug 5, 2025
A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0.... Moderate Unreviewed
CVE-2025-8554 was published Aug 5, 2025
A vulnerability classified as problematic has been found in atjiu pybbs up to 6.0.0. This affects... Moderate Unreviewed
CVE-2025-8552 was published Aug 5, 2025
A vulnerability classified as problematic was found in atjiu pybbs up to 6.0.0. This... Moderate Unreviewed
CVE-2025-8553 was published Aug 5, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected... Moderate Unreviewed
CVE-2025-8551 was published Aug 5, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue... Moderate Unreviewed
CVE-2025-8548 was published Aug 5, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-8550 was published Aug 5, 2025
The WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-8315 was published Aug 5, 2025
A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic... Moderate Unreviewed
CVE-2025-2810 was published Aug 5, 2025
The Campus Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-8313 was published Aug 5, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-8549 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database