Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,825 advisories

Loading
An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480,... Moderate Unreviewed
CVE-2024-45183 was published Aug 4, 2025
An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream... Moderate Unreviewed
CVE-2025-50422 was published Aug 4, 2025
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and... Moderate Unreviewed
CVE-2025-55014 was published Aug 4, 2025
A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified... Moderate Unreviewed
CVE-2025-8523 was published Aug 4, 2025
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-8525 was published Aug 4, 2025
A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-8526 was published Aug 4, 2025
A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5.... Moderate Unreviewed
CVE-2025-8521 was published Aug 4, 2025
A vulnerability was found in Boquan DotWallet App 2.15.2 on Android and classified as problematic... Moderate Unreviewed
CVE-2025-8524 was published Aug 4, 2025
_is_safe in the File::Temp module for Perl does not properly handle symlinks. Moderate Unreviewed
CVE-2011-4116 was published Apr 22, 2022
filebrowser Sets Insecure File Permissions Moderate
CVE-2025-52900 was published for github.com/filebrowser/filebrowser (Go) Jun 27, 2025
mtausig hacdias
Grafana Infinity Datasource Plugin SSRF Vulnerability Moderate
CVE-2025-8341 was published for github.com/grafana/grafana-infinity-datasource (Go) Aug 4, 2025
A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This... Moderate Unreviewed
CVE-2025-8519 was published Aug 4, 2025
A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2025-8518 was published Aug 4, 2025
A vulnerability classified as critical was found in givanz Vvveb up to 1.0.5. This vulnerability... Moderate Unreviewed
CVE-2025-8520 was published Aug 4, 2025
A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-8517 was published Aug 4, 2025
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. Moderate Unreviewed
CVE-2025-44962 was published Aug 4, 2025
RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. Moderate Unreviewed
CVE-2025-44958 was published Aug 4, 2025
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been... Moderate Unreviewed
CVE-2025-8516 was published Aug 4, 2025
File Browser vulnerable to insecure password handling Moderate
CVE-2025-52997 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
File Browser allows sensitive data to be transferred in URL Moderate
CVE-2025-52901 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Apache Zeppelin: Missing Origin Validation in WebSockets vulnerability Moderate
CVE-2024-51775 was published for org.apache.zeppelin:zeppelin-shell (Maven) Aug 3, 2025
Apache Zeppelin: XSS in the Helium module Moderate
CVE-2024-41177 was published for org.apache.zeppelin:zeppelin-web (Maven) Aug 3, 2025
Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string Moderate
CVE-2024-52279 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) Aug 3, 2025
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2025-20696 was published Aug 4, 2025
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-20698 was published Aug 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database