Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

109,938 advisories

Loading
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52446 was published Jul 25, 2025
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ... High Unreviewed
CVE-2025-52453 was published Jul 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52447 was published Jul 25, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-52452 was published Jul 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52449 was published Jul 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52448 was published Jul 25, 2025
HAX CMS API Lacks Authorization Checks High
CVE-2025-54378 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 25, 2025
lfgberg
Skops may allow MethodNode to access unexpected object fields through dot notation, leading to arbitrary code execution at load time High
CVE-2025-54413 was published for skops (pip) Jul 25, 2025
io-no
Skops has Inconsistent Trusted Type Validation that Enables Hidden `operator` Methods Execution High
CVE-2025-54412 was published for skops (pip) Jul 25, 2025
io-no
Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp.This issue... High Unreviewed
CVE-2025-36727 was published Jul 25, 2025
An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain... High Unreviewed
CVE-2025-29630 was published Jul 25, 2025
Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed
CVE-2025-45466 was published Jul 25, 2025
goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter. High Unreviewed
CVE-2023-53155 was published Jul 25, 2025
An issue in Gardyn 4 allows a remote attacker to obtain sensitive information and execute... High Unreviewed
CVE-2025-29629 was published Jul 25, 2025
An issue in Gardyn 4 allows a remote attacker to obtain sensitive information and execute... High Unreviewed
CVE-2025-29628 was published Jul 25, 2025
A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11... High Unreviewed
CVE-2024-13975 was published Jul 25, 2025
A DLL injection vulnerability exists in Commvault for Windows 11.20.0, 11.28.0, 11.32.0, 11.34.0,... High Unreviewed
CVE-2024-13976 was published Jul 25, 2025
A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience... High Unreviewed
CVE-2025-34139 was published Jul 25, 2025
A client-side security misconfiguration vulnerability exists in OpenBlow whistleblowing platform... High Unreviewed
CVE-2025-34114 was published Jul 25, 2025
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives.... High Unreviewed
CVE-2014-125119 was published Jul 25, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... High Unreviewed
CVE-2020-36850 was published Jul 25, 2025
A client-side remote code execution vulnerability exists in Samsung Security Manager versions 1... High Unreviewed
CVE-2016-15046 was published Jul 25, 2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling... High Unreviewed
CVE-2014-125114 was published Jul 25, 2025
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The... High Unreviewed
CVE-2013-10032 was published Jul 25, 2025
A Cross-Site Scripting (XSS) vulnerability exists in the OPAC search feature of Koha Library... High Unreviewed
CVE-2025-52360 was published Jul 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database