Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

109,938 advisories

Loading
A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered. High Unreviewed
CVE-2025-54297 was published Jul 23, 2025
A stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla was discovered. High Unreviewed
CVE-2025-54296 was published Jul 23, 2025
A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows... High Unreviewed
CVE-2024-12310 was published Jul 23, 2025
A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow... High Unreviewed
CVE-2025-31701 was published Jul 23, 2025
A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow... High Unreviewed
CVE-2025-31700 was published Jul 23, 2025
An authenticated remote attacker can execute arbitrary commands with root privileges on affected... High Unreviewed
CVE-2025-41683 was published Jul 23, 2025
An authenticated remote attacker can execute arbitrary commands with root privileges on affected... High Unreviewed
CVE-2025-41684 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54447 was published Jul 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows... High Unreviewed
CVE-2025-54452 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54453 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54450 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54439 was published Jul 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9... High Unreviewed
CVE-2025-54441 was published Jul 23, 2025
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics... High Unreviewed
CVE-2025-54445 was published Jul 23, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection')... High Unreviewed
CVE-2024-53286 was published Jul 23, 2025
private-ip vulnerable to Server-Side Request Forgery High
CVE-2025-8020 was published for private-ip (npm) Jul 23, 2025
files-bucket-server vulnerable to Directory Traversal High
CVE-2025-8021 was published for files-bucket-server (npm) Jul 23, 2025
bun vulnerable to OS Command Injection High
CVE-2025-8022 was published for bun (npm) Jul 23, 2025
lirantal
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-6190 was published Jul 23, 2025
The Social Streams plugin for WordPress is vulnerable to privilege escalation in all versions up... High Unreviewed
CVE-2025-7722 was published Jul 23, 2025
A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by... High Unreviewed
CVE-2025-8060 was published Jul 23, 2025
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for... High Unreviewed
CVE-2025-43022 was published Jul 23, 2025
Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration... High Unreviewed
CVE-2025-7766 was published Jul 23, 2025
Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to... High Unreviewed
CVE-2025-8011 was published Jul 23, 2025
Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to... High Unreviewed
CVE-2025-8010 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database