GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+
4,976 advisories
Filter by severity
Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary...
High
Unreviewed
CVE-2025-50492
was published
Jul 28, 2025
Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student...
High
Unreviewed
CVE-2025-50489
was published
Jul 28, 2025
Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student...
High
Unreviewed
CVE-2025-50490
was published
Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor...
High
Unreviewed
CVE-2025-50493
was published
Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car...
High
Unreviewed
CVE-2025-50494
was published
Jul 28, 2025
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives....
High
Unreviewed
CVE-2014-125119
was published
Jul 25, 2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling...
High
Unreviewed
CVE-2014-125114
was published
Jul 25, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API
High
CVE-2025-54385
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Jul 25, 2025
FastAPI Guard has a regex bypass
High
CVE-2025-54365
was published
for
fastapi-guard
(pip)
Jul 23, 2025
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service
High
CVE-2025-47281
was published
for
github.com/kyverno/kyverno
(Go)
Jul 22, 2025
The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
High
Unreviewed
CVE-2025-6585
was published
Jul 22, 2025
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service
High
CVE-2025-54134
was published
for
@haxtheweb/haxcms-nodejs
(npm)
Jul 21, 2025
Apache Jena doesn't validate file access paths in configuration files uploaded by users with administrator access
High
CVE-2025-50151
was published
for
org.apache.jena:jena
(Maven)
Jul 21, 2025
A command injection vulnerability exists in LILIN LILIN Digital Video Recorder (DVR) devices...
High
Unreviewed
CVE-2025-34129
was published
Jul 17, 2025
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod...
High
Unreviewed
CVE-2025-34124
was published
Jul 17, 2025
A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when...
High
Unreviewed
CVE-2025-34123
was published
Jul 16, 2025
A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07,...
High
Unreviewed
CVE-2025-34118
was published
Jul 16, 2025
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204...
High
Unreviewed
CVE-2025-6558
was published
Jul 15, 2025
An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via...
High
Unreviewed
CVE-2025-34115
was published
Jul 15, 2025
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse...
High
Unreviewed
CVE-2025-34108
was published
Jul 15, 2025
A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via...
High
Unreviewed
CVE-2025-34116
was published
Jul 15, 2025
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4...
High
Unreviewed
CVE-2025-34113
was published
Jul 15, 2025
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate...
High
Unreviewed
CVE-2024-42516
was published
Jul 10, 2025
A remote
code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE...
High
Unreviewed
CVE-2025-6376
was published
Jul 9, 2025
A remote
code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE...
High
Unreviewed
CVE-2025-6377
was published
Jul 9, 2025
ProTip!
Advisories are also available from the
GraphQL API