Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,782
Erlang
36
GitHub Actions
29
Go
2,347
Maven
5,000+
npm
3,976
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

478 advisories

Loading
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013... Moderate Unreviewed
CVE-2025-5439 was published Jun 2, 2025
An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report &... Moderate Unreviewed
CVE-2024-57337 was published May 28, 2025
An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x... Moderate Unreviewed
CVE-2024-57338 was published May 28, 2025
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an... Moderate Unreviewed
CVE-2025-5265 was published May 27, 2025
Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird... Moderate Unreviewed
CVE-2025-5268 was published May 27, 2025
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker... Moderate Unreviewed
CVE-2025-5264 was published May 27, 2025
A vulnerability was found in Qualitor 8.20. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2025-5139 was published May 25, 2025
Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01... Moderate Unreviewed
CVE-2025-46176 was published May 23, 2025
A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects... Moderate Unreviewed
CVE-2025-5106 was published May 23, 2025
A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote... Moderate Unreviewed
CVE-2025-20258 was published May 21, 2025
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been... Moderate Unreviewed
CVE-2025-5000 was published May 20, 2025
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified... Moderate Unreviewed
CVE-2025-4999 was published May 20, 2025
The ChatGPT system through 2025-03-30 performs inline rendering of SVG documents (instead of, for... Moderate Unreviewed
CVE-2025-43714 was published May 19, 2025
A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. This... Moderate Unreviewed
CVE-2025-4851 was published May 18, 2025
A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101.... Moderate Unreviewed
CVE-2025-4850 was published May 18, 2025
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical.... Moderate Unreviewed
CVE-2025-4849 was published May 18, 2025
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard... Moderate Unreviewed
CVE-2024-55466 was published May 12, 2025
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. Moderate Unreviewed
CVE-2025-44176 was published May 12, 2025
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-4454 was published May 9, 2025
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-4453 was published May 9, 2025
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-4443 was published May 9, 2025
A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the... Moderate Unreviewed
CVE-2025-4445 was published May 9, 2025
An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute... Moderate Unreviewed
CVE-2025-44023 was published May 8, 2025
A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The... Moderate Unreviewed
CVE-2025-45798 was published May 8, 2025
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name,... Moderate Unreviewed
CVE-2023-51295 was published May 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database