Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

110,108 advisories

Loading
Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about... High Unreviewed
CVE-2012-10032 was published Aug 5, 2025
BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to... High Unreviewed
CVE-2012-10031 was published Aug 5, 2025
ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of... High Unreviewed
CVE-2012-10034 was published Aug 5, 2025
Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative... High Unreviewed
CVE-2012-10028 was published Aug 5, 2025
A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A... High Unreviewed
CVE-2013-10065 was published Aug 5, 2025
Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command... High Unreviewed
CVE-2012-10029 was published Aug 5, 2025
XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal... High Unreviewed
CVE-2012-10024 was published Aug 5, 2025
Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa... High Unreviewed
CVE-2025-51628 was published Aug 5, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of... High Unreviewed
CVE-2025-54254 was published Aug 5, 2025
Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker... High Unreviewed
CVE-2025-7674 was published Aug 5, 2025
Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection.... High Unreviewed
CVE-2025-43978 was published Aug 5, 2025
An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated... High Unreviewed
CVE-2025-43979 was published Aug 5, 2025
XWiki exposes passwords and emails stored in fields not named password/email in xml.vm High
CVE-2025-54125 was published for org.xwiki.platform:xwiki-platform-legacy-oldcore (Maven) Aug 5, 2025
XWiki leaks password hashes and other accessible password properties High
CVE-2025-54124 was published for org.xwiki.platform:xwiki-platform-legacy-oldcore (Maven) Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7033 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7025 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7032 was published Aug 5, 2025
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows... High Unreviewed
CVE-2025-29745 was published Aug 5, 2025
Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder High
CVE-2025-54801 was published for github.com/gofiber/fiber/v2 (Go) Aug 5, 2025
anuraagbaishya
mcp-package-docs vulnerable to command injection in several tools High
CVE-2025-54073 was published for mcp-package-docs (npm) Aug 5, 2025
dellalibera
A low privileged local attacker can interact with the affected service although user-interaction... High Unreviewed
CVE-2025-41698 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-6207 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-5061 was published Aug 5, 2025
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-7050 was published Aug 5, 2025
An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a... High Unreviewed
CVE-2025-27211 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database