GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,826
Erlang: 36
GitHub Actions: 32
Go: 2,426
Maven: 5,000+
npm: 4,058
NuGet: 723
pip: 3,848
Pub: 12
RubyGems: 934
Rust: 1,006
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
26,505 advisories
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2012-10052 was published Aug 8, 2025

Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of...
Critical | Unreviewed | CVE-2012-10053 was published Aug 8, 2025

Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its...
Critical | Unreviewed | CVE-2012-10047 was published Aug 8, 2025

The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an...
Critical | Unreviewed | CVE-2012-10046 was published Aug 8, 2025

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote...
Critical | Unreviewed | CVE-2012-10045 was published Aug 8, 2025

CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2012-10050 was published Aug 8, 2025

WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2012-10049 was published Aug 8, 2025

An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as...
Critical | Unreviewed | CVE-2010-10013 was published Aug 8, 2025

WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php...
Critical | Unreviewed | CVE-2012-10041 was published Aug 8, 2025

A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in...
Critical | Unreviewed | CVE-2012-10043 was published Aug 8, 2025

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in...
Critical | Unreviewed | CVE-2012-10036 was published Aug 8, 2025

MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php...
Critical | Unreviewed | CVE-2012-10044 was published Aug 8, 2025

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to...
Critical | Unreviewed | CVE-2025-8356 was published Aug 8, 2025

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication...
Critical | Unreviewed | CVE-2025-8284 was published Aug 8, 2025

The affected product does not limit the number of attempts for inputting the correct PIN for a...
Critical | Unreviewed | CVE-2025-46414 was published Aug 8, 2025

Burk Technology ARC Solo's password change mechanism can be utilized without proper ...
Critical | Unreviewed | CVE-2025-5095 was published Aug 8, 2025

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8...
Critical | Unreviewed | CVE-2025-52913 was published Aug 8, 2025

Privileged OpenBao Operator May Execute Code on the Underlying Host
Critical | CVE-2025-54997 was published for github.com/openbao/openbao (Go) Aug 8, 2025

Azure OpenAI Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-53767 was published Aug 7, 2025

Azure Portal Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-53792 was published Aug 7, 2025

FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html.
Critical | Unreviewed | CVE-2025-50692 was published Aug 7, 2025

JWE is missing AES-GCM authentication tag validation in encrypted JWE
Critical | CVE-2025-54887 was published for jwe (RubyGems) Aug 7, 2025

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-41527 was published Aug 7, 2025

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-41525 was published Aug 7, 2025

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in...
Critical | Unreviewed | CVE-2023-41528 was published Aug 7, 2025

ProTip! Advisories are also available from the GraphQL API.