Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

396 advisories

Loading
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This... Moderate Unreviewed
CVE-2025-6525 was published Jun 26, 2025
A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611.... Low Unreviewed
CVE-2025-6527 was published Jun 26, 2025
A vulnerability classified as problematic was found in NOYAFA/Xiami LF9 Pro up to 20250611.... Moderate Unreviewed
CVE-2025-6532 was published Jun 26, 2025
NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s... Moderate Unreviewed
CVE-2025-23260 was published Jun 26, 2025
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates ... High Unreviewed
CVE-2025-41255 was published Jun 26, 2025
JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component Low
CVE-2025-6735 was published for juzaweb/cms (Composer) Jun 27, 2025
JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components Low
CVE-2025-6736 was published for juzaweb/cms (Composer) Jun 27, 2025
Incorrect Privilege Assignment vulnerability in pebas CouponXxL Custom Post Types allows... High Unreviewed
CVE-2025-52726 was published Jun 27, 2025
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60... Moderate Unreviewed
CVE-2025-6765 was published Jun 27, 2025
Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb... Critical Unreviewed
CVE-2025-45006 was published Jul 1, 2025
The misconfiguration in the sudoers configuration of the operating system in Infinera G42... High Unreviewed
CVE-2025-27021 was published Jul 2, 2025
Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege... Critical Unreviewed
CVE-2025-23970 was published Jul 4, 2025
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed
CVE-2025-49867 was published Jul 4, 2025
A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical.... Moderate Unreviewed
CVE-2025-7076 was published Jul 6, 2025
SAPCAR allows an attacker logged in with high privileges to override the permissions of the... Moderate Unreviewed
CVE-2025-43001 was published Jul 8, 2025
SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in... Moderate Unreviewed
CVE-2025-42992 was published Jul 8, 2025
Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation... High Unreviewed
CVE-2025-47422 was published Jul 8, 2025
The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can... Moderate Unreviewed
CVE-2025-27028 was published Jul 9, 2025
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital... Moderate Unreviewed
CVE-2025-0139 was published Jul 10, 2025
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on... Moderate Unreviewed
CVE-2025-0140 was published Jul 10, 2025
A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical.... Moderate Unreviewed
CVE-2025-7552 was published Jul 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database