Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,396
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263,589 advisories

Loading
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8124 was published Jul 25, 2025
This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8... Moderate Unreviewed
CVE-2025-22165 was published Jul 25, 2025
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token... Low Unreviewed
CVE-2025-0249 was published Jul 25, 2025
The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-3614 was published Jul 25, 2025
An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that... High Unreviewed
CVE-2025-7742 was published Jul 25, 2025
HCL IEM is affected by an authorization token sent in cookie vulnerability.  A token used for... Low Unreviewed
CVE-2025-0250 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical.... Moderate Unreviewed
CVE-2025-8123 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The... Moderate Unreviewed
CVE-2025-51088 was published Jul 24, 2025
HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed
CVE-2025-31953 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform... Moderate Unreviewed
CVE-2025-51082 was published Jul 24, 2025
A vulnerability has been found in PHPGurukul Taxi Stand Management System 1.0 and classified as... Moderate Unreviewed
CVE-2025-8115 was published Jul 24, 2025
The embedded web server on the thermostat listed version ranges contain a vulnerability that... Critical Unreviewed
CVE-2025-6260 was published Jul 24, 2025
ReDoS in strip_whitespaces() function in cps/string_helper.py in janeczku Calibre Web 0.6.24 ... High Unreviewed
CVE-2025-6998 was published Jul 24, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow... High Unreviewed
CVE-2025-31955 was published Jul 24, 2025
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain... High Unreviewed
CVE-2025-31952 was published Jul 24, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Moderate Unreviewed
CVE-2025-7404 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo... Moderate Unreviewed
CVE-2025-51089 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The... Moderate Unreviewed
CVE-2025-51085 was published Jul 24, 2025
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned... Moderate Unreviewed
CVE-2025-45731 was published Jul 24, 2025
A maliciously crafted binary file, when present while loading files in certain Autodesk... High Unreviewed
CVE-2025-5039 was published Jul 24, 2025
SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in... Moderate Unreviewed
CVE-2025-45702 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId... Critical Unreviewed
CVE-2025-46410 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the LoginWordPress loginForm cancelUri... High Unreviewed
CVE-2025-36548 was published Jul 24, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-47061 was published Jul 24, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46996 was published Jul 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database