GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,767
Maven: 5,000+
npm: 4,374
NuGet: 770
pip: 4,148
Pub: 12
RubyGems: 963
Rust: 1,070
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
146,362 advisories
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7...
Moderate | Unreviewed | CVE-2025-64641 was published Dec 24, 2025

Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7...
Moderate | Unreviewed | CVE-2025-13767 was published Dec 24, 2025

OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow...
Moderate | Unreviewed | CVE-2024-58335 was published Dec 24, 2025

A flaw has been found in code-projects Student Information System 1.0. This issue affects some...
Moderate | Unreviewed | CVE-2025-15053 was published Dec 24, 2025

A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability...
Moderate | Unreviewed | CVE-2025-15052 was published Dec 24, 2025

A security vulnerability has been detected in code-projects Student File Management System 1.0....
Moderate | Unreviewed | CVE-2025-15050 was published Dec 24, 2025

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the...
Moderate | Unreviewed | CVE-2025-15048 was published Dec 24, 2025

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown...
Moderate | Unreviewed | CVE-2025-15049 was published Dec 24, 2025

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This...
Moderate | Unreviewed | CVE-2025-14405 was published Dec 24, 2025

Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation...
Moderate | Unreviewed | CVE-2025-13698 was published Dec 24, 2025

CMSimple 5.4 contains a cross-site scripting vulnerability that allows attackers to bypass input...
Moderate | Unreviewed | CVE-2021-47733 was published Dec 23, 2025

Zucchetti Axess CLOKI Access Control 1.64 contains a cross-site request forgery vulnerability...
Moderate | Unreviewed | CVE-2021-47722 was published Dec 23, 2025

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert...
Moderate | Unreviewed | CVE-2021-47737 was published Dec 23, 2025

CSZ CMS 1.2.7 contains a persistent cross-site scripting vulnerability that allows unauthorized...
Moderate | Unreviewed | CVE-2021-47738 was published Dec 23, 2025

Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated...
Moderate | Unreviewed | CVE-2021-47716 was published Dec 23, 2025

CMSimple 5.2 contains a stored cross-site scripting vulnerability in the Filebrowser External...
Moderate | Unreviewed | CVE-2021-47732 was published Dec 23, 2025

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a...
Moderate | Unreviewed | CVE-2025-65410 was published Dec 23, 2025

Home Assistant Core before is vulnerable to Directory Traversal
Moderate | CVE-2025-65713 was published for homeassistant (pip) Dec 23, 2025

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the...
Moderate | Unreviewed | CVE-2025-45493 was published Dec 23, 2025

LibreNMS Alert Rule API Cross-Site Scripting Vulnerability
Moderate | CVE-2025-68614 was published for librenms/librenms (Composer) Dec 23, 2025

Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Moderate | CVE-2025-67743 was published for local-deep-research (pip) Dec 23, 2025

A reflected Cross-Site Scripting (XSS) vulnerability has been identified in TechStore version 1.0...
Moderate | Unreviewed | CVE-2025-66845 was published Dec 23, 2025

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2025-14000 was published Dec 23, 2025

The Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-14548 was published Dec 23, 2025

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2025-14635 was published Dec 23, 2025
ProTip! Advisories are also available from the GraphQL API.