Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,412
Maven
5,000+
npm
4,050
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,004
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

264,591 advisories

Loading
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects... Low Unreviewed
CVE-2025-8534 was published Aug 5, 2025
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows... Critical Unreviewed
CVE-2025-46093 was published Aug 5, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-8530 was published Aug 5, 2025
tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that... Moderate Unreviewed
CVE-2025-54554 was published Aug 5, 2025
A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-8527 was published Aug 5, 2025
An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Unknown Unreviewed
CVE-2025-27212 was published Aug 5, 2025
LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local... Low Unreviewed
CVE-2025-46094 was published Aug 5, 2025
An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a... Unknown Unreviewed
CVE-2025-27211 was published Aug 5, 2025
The vulnerable code can bypass the Captcha check in Liferay Portal 7.4.3.80 through 7.4.3.132,... Moderate Unreviewed
CVE-2025-4604 was published Aug 5, 2025
Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if... Low Unreviewed
CVE-2025-7844 was published Aug 5, 2025
A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0.... Moderate Unreviewed
CVE-2025-8529 was published Aug 5, 2025
The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP... Low Unreviewed
CVE-2025-4599 was published Aug 5, 2025
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed
CVE-2025-8528 was published Aug 5, 2025
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6... Unknown Unreviewed
CVE-2025-50340 was published Aug 4, 2025
A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain... Unknown Unreviewed
CVE-2025-50341 was published Aug 4, 2025
Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code... High Unreviewed
CVE-2025-53395 was published Aug 4, 2025
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with... High Unreviewed
CVE-2025-53394 was published Aug 4, 2025
A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4.... Low Unreviewed
CVE-2025-8522 was published Aug 4, 2025
Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report... Unknown Unreviewed
CVE-2025-50754 was published Aug 4, 2025
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and... Moderate Unreviewed
CVE-2025-55014 was published Aug 4, 2025
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured... Unknown Unreviewed
CVE-2025-51387 was published Aug 4, 2025
A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified... Moderate Unreviewed
CVE-2025-8523 was published Aug 4, 2025
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-8525 was published Aug 4, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... Unknown Unreviewed
CVE-2025-51726 was published Aug 4, 2025
A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-8526 was published Aug 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database