GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,434
Composer 4,826
Erlang 36
GitHub Actions 32
Go 2,426
Maven 5,833
npm 4,058
NuGet 723
pip 3,848
Pub 12
RubyGems 934
Rust 1,006
Swift 38

Unreviewed advisories

All unreviewed 265,041

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

288,475 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as... Moderate Unreviewed

CVE-2025-8738 was published Aug 8, 2025

Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of... Critical Unreviewed

CVE-2012-10053 was published Aug 8, 2025

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this... Moderate Unreviewed

CVE-2025-8735 was published Aug 8, 2025

Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its... Critical Unreviewed

CVE-2012-10047 was published Aug 8, 2025

Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint.... High Unreviewed

CVE-2012-10048 was published Aug 8, 2025

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability... High Unreviewed

CVE-2012-10051 was published Aug 8, 2025

EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10052 was published Aug 8, 2025

CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10050 was published Aug 8, 2025

WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2012-10049 was published Aug 8, 2025

IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed

CVE-2025-0719 was published Aug 8, 2025

Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog... High Unreviewed

CVE-2012-10042 was published Aug 8, 2025

WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php... Critical Unreviewed

CVE-2012-10041 was published Aug 8, 2025

A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in... Critical Unreviewed

CVE-2012-10043 was published Aug 8, 2025

The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an... Critical Unreviewed

CVE-2012-10046 was published Aug 8, 2025

MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php... Critical Unreviewed

CVE-2012-10044 was published Aug 8, 2025

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote... Critical Unreviewed

CVE-2012-10045 was published Aug 8, 2025

An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as... Critical Unreviewed

CVE-2010-10013 was published Aug 8, 2025

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... Moderate Unreviewed

CVE-2025-50468 was published Aug 8, 2025

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... High Unreviewed

CVE-2025-50466 was published Aug 8, 2025

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed

CVE-2012-10036 was published Aug 8, 2025

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... High Unreviewed

CVE-2025-50465 was published Aug 8, 2025

Liferay Portal and Liferay DXP Workflow Component Does Not Check User Permissions Critical

CVE-2024-38002 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 22, 2024

Liferay Portal and Liferay DXP Vulnerable to XSS in the Fragment Components Critical

CVE-2023-44309 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023

Liferay Portal and Liferay DXP Vulnerable to Stored XSS in the Manage Vocabulary Page Critical

CVE-2023-42629 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023

Liferay Portal and Liferay DXP Vulnerable to Reflected XSS via the Export for Translation Page Critical

CVE-2023-42497 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

288,475 advisories