Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

108,572 advisories

Loading
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity... High Unreviewed
CVE-2025-33121 was published Jun 19, 2025
PowSyBl Core allows deserialization of untrusted SparseMatrix data High
CVE-2025-47771 was published for com.powsybl:powsybl-math (Maven) Jun 19, 2025
arthurscchan AdamKorcz
olperr1 rolnico
DotVVM allows path traversal when deployed in Debug mode High
GHSA-6q65-j4jw-9cg8 was published for DotVVM (NuGet) Jun 19, 2025
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of... High Unreviewed
CVE-2025-5071 was published Jun 19, 2025
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the ... High Unreviewed
CVE-2025-6019 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending... High Unreviewed
CVE-2025-23172 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform provides an option to upload various types of... High Unreviewed
CVE-2025-23171 was published Jun 19, 2025
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup... High Unreviewed
CVE-2025-24286 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual... High Unreviewed
CVE-2025-23173 was published Jun 19, 2025
Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to... High Unreviewed
CVE-2025-6191 was published Jun 18, 2025
Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to... High Unreviewed
CVE-2025-6192 was published Jun 18, 2025
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
A missing length check in `ogs_pfcp_subnet_add` function from PFCP library, used by both smf and... High Unreviewed
CVE-2025-44952 was published Jun 18, 2025
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... High Unreviewed
CVE-2025-20271 was published Jun 18, 2025
A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf... High Unreviewed
CVE-2025-44951 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to... High Unreviewed
CVE-2025-36048 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external... High Unreviewed
CVE-2025-36049 was published Jun 18, 2025
SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain... High Unreviewed
CVE-2025-46109 was published Jun 18, 2025
Real Estate Management 1.0 is vulnerable to Cross Site Scripting (XSS) in /store/index.php. High Unreviewed
CVE-2025-45786 was published Jun 18, 2025
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-6220 was published Jun 18, 2025
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file... High Unreviewed
CVE-2025-6086 was published Jun 18, 2025
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-4413 was published Jun 18, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds read, which may allow an attacker to... High Unreviewed
CVE-2025-32412 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds write, which may allow an attacker... High Unreviewed
CVE-2025-41413 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to a stack-based buffer overflow, which may allow an... High Unreviewed
CVE-2025-41388 was published Jun 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database