Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

99,875 advisories

Loading
MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote,... High Unreviewed
CVE-2024-54952 was published May 29, 2025
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2024-51392 was published May 29, 2025
maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings. High Unreviewed
CVE-2025-45474 was published May 29, 2025
Exposure of private personal information to an unauthorized actor in the user vaults component of... High Unreviewed
CVE-2025-5334 was published May 29, 2025
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default... High Unreviewed
CVE-2025-48045 was published May 29, 2025
In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre... High Unreviewed
CVE-2025-4687 was published May 29, 2025
CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute... High Unreviewed
CVE-2025-27703 was published May 28, 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31500 was published May 28, 2025
Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via... High Unreviewed
CVE-2025-30087 was published May 28, 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31501 was published May 28, 2025
Kea configuration and API directives can be used to load a malicious hook library. Many common... High Unreviewed
CVE-2025-32801 was published May 28, 2025
Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux... High Unreviewed
CVE-2025-4134 was published May 28, 2025
Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability... High Unreviewed
CVE-2025-45997 was published May 28, 2025
The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post'... High Unreviewed
CVE-2025-5287 was published May 28, 2025
An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0... High Unreviewed
CVE-2025-25251 was published May 28, 2025
The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed
CVE-2025-4800 was published May 28, 2025
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running... High Unreviewed
CVE-2025-5222 was published May 27, 2025
Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to... High Unreviewed
CVE-2025-5280 was published May 27, 2025
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker... High Unreviewed
CVE-2025-5063 was published May 27, 2025
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows... High Unreviewed
CVE-2025-45529 was published May 27, 2025
An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type... High Unreviewed
CVE-2024-49196 was published May 27, 2025
There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead... High Unreviewed
CVE-2025-27700 was published May 27, 2025
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence... High Unreviewed
CVE-2025-5272 was published May 27, 2025
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these... High Unreviewed
CVE-2025-48797 was published May 27, 2025
A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based... High Unreviewed
CVE-2025-48796 was published May 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database