Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

127,073 advisories

Loading
Paracrawl KeOPs v2 is vulnerable to Cross Site Scripting (XSS) in error.php. Moderate Unreviewed
CVE-2025-56762 was published Sep 19, 2025
Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation.... Moderate Unreviewed
CVE-2025-57396 was published Sep 19, 2025
Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail... Moderate Unreviewed
CVE-2025-59689 was published Sep 19, 2025
HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing... Moderate Unreviewed
CVE-2025-10568 was published Sep 19, 2025
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are ... Moderate Unreviewed
CVE-2025-26516 was published Sep 19, 2025
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are ... Moderate Unreviewed
CVE-2025-26517 was published Sep 19, 2025
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are ... Moderate Unreviewed
CVE-2025-26514 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and... Moderate Unreviewed
CVE-2025-34189 was published Sep 19, 2025
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local... Moderate Unreviewed
CVE-2025-21041 was published Sep 19, 2025
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-21478 was published Sep 19, 2025
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this... Moderate Unreviewed
CVE-2025-10716 was published Sep 19, 2025
A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by... Moderate Unreviewed
CVE-2025-10717 was published Sep 19, 2025
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension... Moderate Unreviewed
CVE-2025-46703 was published Sep 19, 2025
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice (Extension... Moderate Unreviewed
CVE-2025-58114 was published Sep 19, 2025
Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper... Moderate Unreviewed
CVE-2025-8532 was published Sep 19, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-8664 was published Sep 19, 2025
A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The... Moderate Unreviewed
CVE-2025-10715 was published Sep 19, 2025
A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This... Moderate Unreviewed
CVE-2025-10711 was published Sep 19, 2025
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This issue affects... Moderate Unreviewed
CVE-2025-10712 was published Sep 19, 2025
A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown... Moderate Unreviewed
CVE-2025-10710 was published Sep 19, 2025
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension... Moderate Unreviewed
CVE-2025-48007 was published Sep 19, 2025
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension... Moderate Unreviewed
CVE-2025-57880 was published Sep 19, 2025
A security vulnerability has been detected in Four-Faith Water Conservancy Informatization... Moderate Unreviewed
CVE-2025-10708 was published Sep 19, 2025
A weakness has been identified in JeecgBoot up to 3.8.2. Affected is an unknown function of the... Moderate Unreviewed
CVE-2025-10707 was published Sep 19, 2025
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform 1.0.... Moderate Unreviewed
CVE-2025-10709 was published Sep 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database