GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,785
Erlang: 36
GitHub Actions: 29
Go: 2,368
Maven: 5,000+
npm: 3,988
NuGet: 720
pip: 3,779
Pub: 12
RubyGems: 926
Rust: 981
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
283,996 advisories
A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue...
Moderate, Unreviewed: CVE-2025-5108 was published May 23, 2025

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an...
Moderate, Unreviewed: CVE-2024-41927 was published Sep 4, 2024

A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
High, Unreviewed: CVE-2025-37092 was published Jun 2, 2025

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013...
Moderate, Unreviewed: CVE-2025-5447 was published Jun 2, 2025

The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized...
High, Unreviewed: CVE-2025-5692 was published Jul 2, 2025

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka...
Moderate, Unreviewed: CVE-2025-40907 was published May 16, 2025

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to...
High, Unreviewed: CVE-2025-49741 was published Jul 2, 2025

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non...
High, Unreviewed: CVE-2025-36630 was published Jul 2, 2025

Improper Authentication vulnerability in Apache Solr
Critical: CVE-2024-45216 was published for org.apache.solr:solr (Maven) Oct 16, 2024

@cyanheads/git-mcp-server vulnerable to command injection in several tools
High: CVE-2025-53107 was published for @cyanheads/git-mcp-server (npm) Jun 30, 2025

junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Moderate: CVE-2025-53103 was published for org.junit.platform:junit-platform-reporting (Maven) Jul 1, 2025

The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a...
Moderate, Unreviewed: CVE-2025-5526 was published Jun 27, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory...
Moderate, Unreviewed: CVE-2025-6827 was published Jun 29, 2025

YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communications, possibly...
High, Unreviewed: CVE-2025-45080 was published Jul 1, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as...
Moderate, Unreviewed: CVE-2025-6820 was published Jun 28, 2025

The WP Map Block WordPress plugin before 2.0.3 does not validate and escape some of its block...
Moderate, Unreviewed: CVE-2025-5194 was published Jun 27, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as...
Moderate, Unreviewed: CVE-2025-6828 was published Jun 29, 2025

Insufficient validation of the screen lock mechanism in Trust Wallet v8.45 allows physically...
Moderate, Unreviewed: CVE-2025-52294 was published Jul 1, 2025

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the...
Moderate, Unreviewed: CVE-2025-50405 was published Jul 1, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been...
Moderate, Unreviewed: CVE-2025-6821 was published Jun 28, 2025

Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data.
High, Unreviewed: CVE-2025-45081 was published Jul 1, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as...
Moderate, Unreviewed: CVE-2025-6819 was published Jun 28, 2025

Incorrect access control in Ullu (Android version v2.9.929 and IOS version v2.8.0) allows...
Moderate, Unreviewed: CVE-2025-45083 was published Jul 1, 2025

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a...
Critical, Unreviewed: CVE-2025-32463 was published Jun 30, 2025

The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an...
Critical, Unreviewed: CVE-2021-4457 was published Jun 26, 2025

ProTip! Advisories are also available from the GraphQL API