Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,874 advisories

Loading
In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the... High Unreviewed
CVE-2025-47227 was published Jul 5, 2025
In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL... High Unreviewed
CVE-2025-53603 was published Jul 5, 2025
Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute... High Unreviewed
CVE-2025-43711 was published Jul 5, 2025
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations... High Unreviewed
CVE-2025-52496 was published Jul 4, 2025
mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by... High Unreviewed
CVE-2025-49809 was published Jul 4, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-52807 was published Jul 4, 2025
Deserialization of Untrusted Data vulnerability in designthemes Red Art allows Object Injection.... High Unreviewed
CVE-2025-52828 was published Jul 4, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-49070 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-49245 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-49274 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-49866 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49870 was published Jul 4, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-47627 was published Jul 4, 2025
Server-Side Request Forgery (SSRF) vulnerability in TeconceTheme Allmart allows Server Side... High Unreviewed
CVE-2025-49418 was published Jul 4, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-4414 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-52776 was published Jul 4, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... High Unreviewed
CVE-2025-52718 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-52798 was published Jul 4, 2025
Path Traversal vulnerability in VaultDweller Leyka allows PHP Local File Inclusion. This issue... High Unreviewed
CVE-2025-52805 was published Jul 4, 2025
Missing Authorization vulnerability in pietro MobiLoud allows Exploiting Incorrectly Configured... High Unreviewed
CVE-2025-52813 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-52796 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-28968 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-31037 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-39487 was published Jul 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-32311 was published Jul 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database