Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

266,960 advisories

Loading
Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue... Moderate Unreviewed
CVE-2025-26876 was published Feb 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Tourfic.This issue affects... Critical Unreviewed
CVE-2024-29135 was published Mar 19, 2024
In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an... Critical Unreviewed
CVE-2024-56525 was published Feb 25, 2025
The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and... Low Unreviewed
CVE-2024-10545 was published Feb 25, 2025
In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a... Moderate Unreviewed
CVE-2023-21038 was published Mar 24, 2023
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory... Critical Unreviewed
CVE-2024-2615 was published Mar 19, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-29134 was published Mar 19, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26877 was published Feb 25, 2025
SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2025-22974 was published Feb 25, 2025
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the... Moderate Unreviewed
CVE-2023-21036 was published Mar 24, 2023
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL... Critical Unreviewed
CVE-2024-53544 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-29138 was published Mar 19, 2024
Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic:... High Unreviewed
CVE-2024-29136 was published Mar 19, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-29130 was published Mar 19, 2024
To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to... Low Unreviewed
CVE-2024-2616 was published Mar 19, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26964 was published Feb 25, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26979 was published Feb 25, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request... Moderate Unreviewed
CVE-2025-26963 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26981 was published Feb 25, 2025
Missing Authorization vulnerability in WP Chill Strong Testimonials allows Accessing... Moderate Unreviewed
CVE-2025-26975 was published Feb 25, 2025
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers... Moderate Unreviewed
CVE-2025-26960 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26991 was published Feb 25, 2025
Missing Authorization vulnerability in Anton Vanyukov Market Exporter allows Exploiting... Moderate Unreviewed
CVE-2025-26995 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26947 was published Feb 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in ameliabooking Amelia allows... Moderate Unreviewed
CVE-2025-26965 was published Feb 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database