Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,739 advisories

Loading
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53715 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53713 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53714 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53712 was published Jul 29, 2025
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm... Moderate Unreviewed
CVE-2025-53711 was published Jul 29, 2025
Hashicorp Vault has Incorrect Validation for Non-CA Certificates Moderate
CVE-2025-6037 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability Moderate
CVE-2025-6015 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse Moderate
CVE-2025-6014 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Hashicorp Vault has Lockout Feature Authentication Bypass Moderate
CVE-2025-6004 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Microweber XSS Vulnerability in the homepage Endpoint Moderate
CVE-2025-51504 was published for microweber/microweber (Composer) Aug 1, 2025
Microweber has Reflected XSS Vulnerability in the layout Parameter Moderate
CVE-2025-51502 was published for microweber/microweber (Composer) Aug 1, 2025
Microweber has Reflected XSS Vulnerability in the id Parameter Moderate
CVE-2025-51501 was published for microweber/microweber (Composer) Aug 1, 2025
Crash due to uncontrolled recursion in protobuf crate Moderate
CVE-2025-53605 was published for protobuf (Rust) Mar 7, 2025
morningstarxcdcode
Duplicate Advisory: rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS Moderate
GHSA-rxf6-323f-44fc was published for protobuf (Rust) Jul 5, 2025 withdrawn
morningstarxcdcode
webfinger.js Blind SSRF Vulnerability Moderate
CVE-2025-54590 was published for webfinger.js (npm) Jul 28, 2025
orihjfrog silverbucket
MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion Moderate
CVE-2025-53012 was published for MaterialX (pip) Jul 31, 2025
suidpit ndaprela
TheZ3ro smaury
MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit Moderate
CVE-2025-53009 was published for MaterialX (pip) Jul 31, 2025
suidpit TheZ3ro
ndaprela smaury
OpenEXR Out-Of-Memory via Unbounded File Header Values Moderate
CVE-2025-48074 was published for OpenEXR (pip) Jul 31, 2025
suidpit ndaprela
TheZ3ro smaury
A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed
CVE-2025-43276 was published Jul 30, 2025
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed
CVE-2025-46018 was published Aug 1, 2025
A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8224 was published Jul 27, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to... Moderate Unreviewed
CVE-2025-2713 was published Mar 28, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting.... Moderate Unreviewed
CVE-2025-33118 was published Aug 1, 2025
Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2025-8473 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database