Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,672 advisories

Loading
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0... Moderate Unreviewed
CVE-2025-5669 was published Jun 5, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card... Moderate Unreviewed
CVE-2025-5670 was published Jun 5, 2025
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation... Moderate Unreviewed
CVE-2025-5668 was published Jun 5, 2025
A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected... Moderate Unreviewed
CVE-2025-5621 was published Jun 5, 2025
A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5525 was published Jun 3, 2025
The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2024-5155 was published Jun 14, 2024
The Pinpoint Booking System WordPress plugin before 2.9.9.4.8 does not sanitise and escape some... Moderate Unreviewed
CVE-2024-3636 was published Aug 5, 2024
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote ... Moderate Unreviewed
CVE-2025-29876 was published Jun 6, 2025
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote ... Moderate Unreviewed
CVE-2025-29873 was published Jun 6, 2025
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote ... Moderate Unreviewed
CVE-2025-29877 was published Jun 6, 2025
WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass... Moderate Unreviewed
CVE-2025-5749 was published Jun 6, 2025
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed
CVE-2025-49599 was published Jun 6, 2025
WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2025-5751 was published Jun 6, 2025
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified... Moderate Unreviewed
CVE-2025-5784 was published Jun 6, 2025
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote ... Moderate Unreviewed
CVE-2025-22490 was published Jun 6, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record... Moderate Unreviewed
CVE-2025-5783 was published Jun 6, 2025
A buffer overflow vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-56805 was published Jun 6, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05.... Moderate Unreviewed
CVE-2025-5620 was published Jun 5, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714... Moderate Unreviewed
CVE-2025-5502 was published Jun 3, 2025
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in... Moderate Unreviewed
CVE-2024-37661 was published Jun 17, 2024
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.0 does not properly sanitise and... Moderate Unreviewed
CVE-2024-6390 was published Aug 3, 2024
Yii 2 Redis may expose AUTH parameters in logs in case of connection failure Moderate
CVE-2025-48493 was published for yiisoft/yii2-redis (Composer) Jun 5, 2025
particleflux
Para Inserts Sensitive Information into Log File for Facebook authentication Moderate
CVE-2025-49009 was published for com.erudika:para-server (Maven) Jun 6, 2025
Django Improper Output Neutralization for Logs vulnerability Moderate
CVE-2025-48432 was published for Django (pip) Jun 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database