GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
134,255 advisories
SAP FICA ODN framework allows a high privileged user to inject value inside the local variable...
Moderate | Unreviewed | CVE-2025-42947 was published Jul 23, 2025

Improper validation of specified quantity in input issue exists in Real-time Bus Tracking System...
Moderate | Unreviewed | CVE-2025-43881 was published Jul 23, 2025

The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-5818 was published Jul 23, 2025

The YANewsflash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate | Unreviewed | CVE-2025-6054 was published Jul 23, 2025

The Omnishop plugin for WordPress is vulnerable to Unauthenticated Registration Bypass in all...
Moderate | Unreviewed | CVE-2025-6215 was published Jul 23, 2025

The Omnishop plugin for WordPress is vulnerable to Cross-Site Request Forgery on its /users...
Moderate | Unreviewed | CVE-2025-6214 was published Jul 23, 2025

The Fleetwire Fleet Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2025-6261 was published Jul 23, 2025

The Valuation Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-5753 was published Jul 23, 2025

A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti...
Moderate | Unreviewed | CVE-2025-43484 was published Jul 23, 2025

A potential privilege escalation through Sudo vulnerability has been identified in the Poly...
Moderate | Unreviewed | CVE-2025-43487 was published Jul 23, 2025

A potential stored cross-site scripting vulnerability has been identified in the Poly Clariti...
Moderate | Unreviewed | CVE-2025-43486 was published Jul 23, 2025

A potential security vulnerability has been identified in the Poly Clariti Manager for versions...
Moderate | Unreviewed | CVE-2025-43485 was published Jul 23, 2025

A potential security vulnerability has been identified in the Poly Clariti Manager for versions...
Moderate | Unreviewed | CVE-2025-43021 was published Jul 23, 2025

A potential security vulnerability has been identified in the Poly Clariti Manager for versions...
Moderate | Unreviewed | CVE-2025-43483 was published Jul 23, 2025

A potential command injection vulnerability has been identified in the Poly Clariti Manager for...
Moderate | Unreviewed | CVE-2025-43020 was published Jul 23, 2025

there is a possible information disclosure due to side channel information disclosure. This could...
Moderate | Unreviewed | CVE-2024-32926 was published Jun 13, 2024

In plugin_ipc_handler of slc_plugin.c, there is a possible information disclosure due to...
Moderate | Unreviewed | CVE-2024-32930 was published Jun 13, 2024

Ollama vulnerable to Cross-Domain Token Exposure
Moderate | CVE-2025-51471 was published for github.com/ollama/ollama (Go) Jul 22, 2025

Dagster Local File Inclusion vulnerability
Moderate | CVE-2025-51481 was published for dagster (pip) Jul 22, 2025

github.com/google/nftable IP addresses were encoded in the wrong byte order
Moderate | CVE-2024-6284 was published for github.com/google/nftables (Go) Jul 4, 2024

Reverb use after free vulnerability
Moderate | CVE-2024-8375 was published for dm-reverb (pip) Sep 19, 2024

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft...
Moderate | Unreviewed | CVE-2025-53771 was published Jul 21, 2025

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to...
Moderate | Unreviewed | CVE-2025-31513 was published Jul 22, 2025

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows...
Moderate | Unreviewed | CVE-2025-51479 was published Jul 22, 2025

Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus...
Moderate | Unreviewed | CVE-2025-51475 was published Jul 22, 2025
ProTip! Advisories are also available from the GraphQL API.