GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5 advisories
Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands
Moderate
CVE-2025-58457
was published
for
org.apache.zookeeper:zookeeper
(Maven)
Sep 24, 2025
Apache IoTDB: Deserialization of untrusted Data
Critical
CVE-2025-48459
was published
for
org.apache.iotdb:iotdb-confignode
(Maven)
Sep 24, 2025
Liferay Portal and DXP does not properly expire sessions
Moderate
CVE-2025-43819
was published
for
com.liferay:com.liferay.saml.impl
(Maven)
Sep 24, 2025
WSO2 Identity Server Apps allows content spoofing in logs
Moderate
CVE-2024-6429
was published
for
org.wso2.identity.apps:authentication-portal
(Maven)
Sep 23, 2025
WSO2 carbon-apimgt affected by an authenticated stored cross-site scripting (XSS) vulnerability
Moderate
CVE-2025-4760
was published
for
org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.api
(Maven)
Sep 23, 2025
ProTip!
Advisories are also available from the
GraphQL API