Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

288,469 advisories

Loading
A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability... Moderate Unreviewed
CVE-2025-8744 was published Aug 9, 2025
Kernel software installed and running inside an untrusted/rich execution environment (REE) could... Unknown Unreviewed
CVE-2025-6573 was published Aug 9, 2025
Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL... Unknown Unreviewed
CVE-2025-46709 was published Aug 9, 2025
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-8742 was published Aug 9, 2025
A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-8741 was published Aug 9, 2025
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects... Moderate Unreviewed
CVE-2025-8743 was published Aug 9, 2025
uv allows ZIP payload obfuscation through parsing differentials Moderate
CVE-2025-54368 was published for uv (pip) Aug 7, 2025
charliermarsh zanieb
woodruffw thatch calebbrown
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... Moderate Unreviewed
CVE-2025-50467 was published Aug 8, 2025
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to... Critical Unreviewed
CVE-2025-23266 was published Jul 17, 2025
FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html. Critical Unreviewed
CVE-2025-50692 was published Aug 7, 2025
A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform... Moderate Unreviewed
CVE-2025-8737 was published Aug 8, 2025
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2025-8740 was published Aug 8, 2025
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8.... Moderate Unreviewed
CVE-2025-8736 was published Aug 8, 2025
The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in... High Unreviewed
CVE-2025-4796 was published Aug 8, 2025
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as... Moderate Unreviewed
CVE-2025-8738 was published Aug 8, 2025
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of... Critical Unreviewed
CVE-2012-10053 was published Aug 8, 2025
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this... Moderate Unreviewed
CVE-2025-8735 was published Aug 8, 2025
7-Zip before 25.01 does not always properly handle symbolic links during extraction. Low Unreviewed
CVE-2025-55188 was published Aug 8, 2025
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8739 was published Aug 8, 2025
Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its... Critical Unreviewed
CVE-2012-10047 was published Aug 8, 2025
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint.... High Unreviewed
CVE-2012-10048 was published Aug 8, 2025
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10052 was published Aug 8, 2025
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10050 was published Aug 8, 2025
WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10049 was published Aug 8, 2025
Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability... High Unreviewed
CVE-2012-10051 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database