Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,347 advisories

Loading
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical.... Moderate Unreviewed
CVE-2025-8266 was published Jul 28, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to... Moderate Unreviewed
CVE-2025-8097 was published Jul 26, 2025
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives.... High Unreviewed
CVE-2014-125119 was published Jul 25, 2025
A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed
CVE-2014-125117 was published Jul 25, 2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling... High Unreviewed
CVE-2014-125114 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API High
CVE-2025-54385 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 25, 2025
FastAPI Guard has a regex bypass High
CVE-2025-54365 was published for fastapi-guard (pip) Jul 23, 2025
dhki rennf93
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service High
CVE-2025-47281 was published for github.com/kyverno/kyverno (Go) Jul 22, 2025
thevilledev
The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... High Unreviewed
CVE-2025-6585 was published Jul 22, 2025
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service High
CVE-2025-54134 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
asareynolds
Apache Jena doesn't validate file access paths in configuration files uploaded by users with administrator access High
CVE-2025-50151 was published for org.apache.jena:jena (Maven) Jul 21, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft... Moderate Unreviewed
CVE-2025-53771 was published Jul 21, 2025
A vulnerability classified as critical was found in Metasoft 美特软件 MetaCRM up to 6.4.2. This... Moderate Unreviewed
CVE-2025-7876 was published Jul 20, 2025
A command injection vulnerability exists in LILIN LILIN Digital Video Recorder (DVR) devices... High Unreviewed
CVE-2025-34129 was published Jul 17, 2025
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to... Critical Unreviewed
CVE-2025-34132 was published Jul 17, 2025
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod... High Unreviewed
CVE-2025-34124 was published Jul 17, 2025
A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when... High Unreviewed
CVE-2025-34123 was published Jul 16, 2025
A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07,... High Unreviewed
CVE-2025-34118 was published Jul 16, 2025
A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed
CVE-2025-34300 was published Jul 16, 2025
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204... High Unreviewed
CVE-2025-6558 was published Jul 15, 2025
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version... Critical Unreviewed
CVE-2025-34111 was published Jul 15, 2025
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4... High Unreviewed
CVE-2025-34113 was published Jul 15, 2025
An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via... High Unreviewed
CVE-2025-34115 was published Jul 15, 2025
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse... High Unreviewed
CVE-2025-34108 was published Jul 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database