GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,826
Erlang: 36
GitHub Actions: 32
Go: 2,426
Maven: 5,000+
npm: 4,058
NuGet: 723
pip: 3,848
Pub: 12
RubyGems: 934
Rust: 1,006
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
110,220 advisories
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic....
High, Unreviewed. CVE-2025-8758 was published Aug 9, 2025

A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by...
High, Unreviewed. CVE-2025-8757 was published Aug 9, 2025

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification...
High, Unreviewed. CVE-2024-1934 was published Apr 9, 2024

The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in...
High, Unreviewed. CVE-2025-4796 was published Aug 8, 2025

Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint....
High, Unreviewed. CVE-2012-10048 was published Aug 8, 2025

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability...
High, Unreviewed. CVE-2012-10051 was published Aug 8, 2025

Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog...
High, Unreviewed. CVE-2012-10042 was published Aug 8, 2025

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the...
High, Unreviewed. CVE-2025-50466 was published Aug 8, 2025

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the...
High, Unreviewed. CVE-2025-50465 was published Aug 8, 2025

Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout Module
High. CVE-2023-35030 was published for com.liferay.portal:release.dxp.bom (Maven) Jun 15, 2023

Liferay Portal and Liferay DXP Vulnerable to SQL Injection via the Layout Module
High. CVE-2022-42121 was published for com.liferay.portal:release.dxp.bom (Maven) Nov 15, 2022

Apache Tomcat - DoS in multipart upload
High. CVE-2025-48988 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025

Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High. CVE-2024-50379 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Dec 17, 2024

Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability
High. CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024

Apache Tomcat - Denial of Service
High. CVE-2024-34750 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 3, 2024

Student Attendance Management System v1 was discovered to contain multiple SQL injection...
High, Unreviewed. CVE-2023-41522 was published Aug 7, 2025

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the...
High, Unreviewed. CVE-2025-47219 was published Aug 7, 2025

Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability...
High, Unreviewed. CVE-2023-41524 was published Aug 7, 2025

Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability...
High, Unreviewed. CVE-2023-41523 was published Aug 7, 2025

Apache Tomcat Improper Input Validation vulnerability
High. CVE-2023-46589 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 28, 2023

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external...
High, Unreviewed. CVE-2025-8355 was published Aug 8, 2025

The affected product allows firmware updates to be downloaded from EG4's website, transferred...
High, Unreviewed. CVE-2025-53520 was published Aug 8, 2025

The MOD3 command traffic between the monitoring application and the inverter is transmitted in...
High, Unreviewed. CVE-2025-52586 was published Aug 8, 2025

A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has...
High, Unreviewed. CVE-2025-8731 was published Aug 8, 2025

A TLS vulnerability exists in the phone application used to manage a connected device. The phone...
High, Unreviewed. CVE-2025-8393 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API