GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,810
Erlang: 36
GitHub Actions: 31
Go: 2,396
Maven: 5,000+
npm: 4,030
NuGet: 721
pip: 3,820
Pub: 12
RubyGems: 932
Rust: 988
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
109,820 advisories
An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that...
High | Unreviewed | CVE-2025-7742 was published Jul 25, 2025
HCL iAutomate includes hardcoded credentials which may result in potential exposure of...
High | Unreviewed | CVE-2025-31953 was published Jul 24, 2025
ReDoS in strip_whitespaces() function in cps/string_helper.py in janeczku Calibre Web 0.6.24 ...
High | Unreviewed | CVE-2025-6998 was published Jul 24, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow...
High | Unreviewed | CVE-2025-31955 was published Jul 24, 2025
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain...
High | Unreviewed | CVE-2025-31952 was published Jul 24, 2025
A maliciously crafted binary file, when present while loading files in certain Autodesk...
High | Unreviewed | CVE-2025-5039 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the LoginWordPress loginForm cancelUri...
High | Unreviewed | CVE-2025-36548 was published Jul 24, 2025
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit...
High | Unreviewed | CVE-2025-48732 was published Jul 24, 2025
A race condition vulnerability exists in the aVideoEncoder.json.php unzip functionality of WWBN...
High | Unreviewed | CVE-2025-25214 was published Jul 24, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names.
High | CVE-2025-54379 was published for github.com/lf-edge/ekuiper/v2 (Go) Jul 24, 2025
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the...
High | Unreviewed | CVE-2025-47187 was published Jul 23, 2025
ImageMagick has XMP profile write that triggers hang due to unbounded loop
High | CVE-2025-53015 was published for Magick.NET-Q16-AnyCPU (NuGet) Jul 23, 2025
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may...
High | Unreviewed | CVE-2025-2634 was published Jul 23, 2025
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre...
High | Unreviewed | CVE-2025-2633 was published Jul 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18...
High | Unreviewed | CVE-2025-4439 was published Jul 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18...
High | Unreviewed | CVE-2025-4700 was published Jul 23, 2025
During the AWS Client VPN client installation on Windows devices, the install process references...
High | Unreviewed | CVE-2025-8069 was published Jul 23, 2025
Withdrawn Advisory: Axios has Transitive Critical Vulnerability via form-data
High | CVE-2025-54371 was published for axios (npm) Jul 23, 2025 • withdrawn
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based...
High | Unreviewed | CVE-2025-33077 was published Jul 23, 2025
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote,...
High | Unreviewed | CVE-2025-40597 was published Jul 23, 2025
A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux...
High | Unreviewed | CVE-2025-6018 was published Jul 23, 2025
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server...
High | Unreviewed | CVE-2010-10012 was published Jul 23, 2025
A local privilege escalation vulnerability exists in lastore-daemon, the system package manager...
High | Unreviewed | CVE-2016-15045 was published Jul 23, 2025
An unauthenticated path traversal vulnerability exists in Dicoogle PACS Web Server version 2.5.0...
High | Unreviewed | CVE-2018-25113 was published Jul 23, 2025
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based...
High | Unreviewed | CVE-2025-33076 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API.