Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,893
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,115 advisories

Loading
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34223 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34224 was published Sep 29, 2025
An issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru... Critical Unreviewed
CVE-2025-57266 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.862 and Application... Critical Unreviewed
CVE-2025-34209 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34211 was published Sep 29, 2025
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware... Critical Unreviewed
CVE-2025-30247 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and... Critical Unreviewed
CVE-2025-34216 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34218 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and... Critical Unreviewed
CVE-2025-34221 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34222 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and... Critical Unreviewed
CVE-2025-34215 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and... Critical Unreviewed
CVE-2025-34196 was published Sep 29, 2025
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote... Critical Unreviewed
CVE-2025-56752 was published Sep 29, 2025
j178/prek-action vulnerable to arbitrary code injection in composite action Critical
GHSA-pwf7-47c3-mfhx was published for j178/prek-action (GitHub Actions) Sep 29, 2025
mondeja
Credited to mondeja
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-13150 was published Sep 29, 2025
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an... Critical Unreviewed
CVE-2025-8868 was published Sep 29, 2025
asdasdasdasdasdasdasd Critical Unreviewed
CVE-2025-11150 was published Sep 29, 2025
In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code... Critical Unreviewed
CVE-2025-58384 was published Sep 26, 2025
In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can... Critical Unreviewed
CVE-2025-55187 was published Sep 26, 2025
get-jwks: poisoned JWKS cache allows post-fetch issuer validation bypass Critical
CVE-2025-59936 was published for get-jwks (npm) Sep 26, 2025
epureionut99
Credited to epureionut99
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer... Critical Unreviewed
CVE-2025-60219 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a... Critical Unreviewed
CVE-2025-60156 was published Sep 26, 2025
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system... Critical Unreviewed
CVE-2025-59815 was published Sep 25, 2025
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and... Critical Unreviewed
CVE-2025-59814 was published Sep 25, 2025
This vulnerability allows attackers to execute arbitrary commands on the underlying system.... Critical Unreviewed
CVE-2025-59817 was published Sep 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database