GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,815
Erlang: 36
GitHub Actions: 32
Go: 2,401
Maven: 5,000+
npm: 4,045
NuGet: 723
pip: 3,842
Pub: 12
RubyGems: 933
Rust: 1,003
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
110,009 advisories
An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to...
High | Unreviewed | CVE-2025-50572 was published Jul 31, 2025

pyjwt v2.10.1 was discovered to contain weak encryption.
High | Unreviewed | CVE-2025-45768 was published Jul 31, 2025

php-jwt v6.11.0 was discovered to contain weak encryption.
High | Unreviewed | CVE-2025-45769 was published Jul 31, 2025

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows...
High | Unreviewed | CVE-2025-26064 was published Jul 31, 2025

jwt v5.4.3 was discovered to contain weak encryption.
High | Unreviewed | CVE-2025-45770 was published Jul 31, 2025

OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size
High | CVE-2025-48071 was published for OpenEXR (pip) Jul 31, 2025

A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4...
High | Unreviewed | CVE-2025-52203 was published Jul 31, 2025

A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to...
High | Unreviewed | CVE-2025-51503 was published Jul 31, 2025

An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential...
High | Unreviewed | CVE-2025-50850 was published Jul 31, 2025

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3,...
High | Unreviewed | CVE-2025-29556 was published Jul 31, 2025

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege...
High | Unreviewed | CVE-2025-0889 was published Jul 31, 2025

A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7...
High | Unreviewed | CVE-2014-125125 was published Jul 31, 2025

A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in...
High | Unreviewed | CVE-2013-10039 was published Jul 31, 2025

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile...
High | Unreviewed | CVE-2025-50849 was published Jul 31, 2025

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to...
High | Unreviewed | CVE-2025-52289 was published Jul 31, 2025

@nyariv/sandboxjs has Prototype Pollution vulnerability that may lead to RCE
High | CVE-2025-34146 was published for @nyariv/sandboxjs (npm) Jul 31, 2025

A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the...
High | Unreviewed | CVE-2013-10035 was published Jul 31, 2025

A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version...
High | Unreviewed | CVE-2013-10036 was published Jul 31, 2025

A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds...
High | Unreviewed | CVE-2011-10008 was published Jul 31, 2025

The NinjaScanner – Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2025-8213 was published Jul 31, 2025

An unauthenticated remote attacker can cause a Denial of Service by sending a large number of...
High | Unreviewed | CVE-2025-2813 was published Jul 31, 2025

A high privileged remote attacker can execute arbitrary OS commands using an undocumented method...
High | Unreviewed | CVE-2025-41688 was published Jul 31, 2025

A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A...
High | Unreviewed | CVE-2025-46359 was published Jul 31, 2025

ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all...
High | Unreviewed | CVE-2025-53558 was published Jul 31, 2025

The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file...
High | Unreviewed | CVE-2025-7847 was published Jul 31, 2025
ProTip! Advisories are also available from the GraphQL API.