GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,802
Erlang: 36
GitHub Actions: 29
Go: 2,382
Maven: 5,000+
npm: 4,015
NuGet: 720
pip: 3,811
Pub: 12
RubyGems: 930
Rust: 987
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
26,236 advisories

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying...
Critical | Unreviewed | CVE-2025-53964 was published Jul 17, 2025

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to...
Critical | Unreviewed | CVE-2025-23266 was published Jul 17, 2025

Livewire is vulnerable to remote command execution during component property update hydration
Critical | CVE-2025-54068 was published for livewire/livewire (Composer) Jul 17, 2025

An improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-25257 was published Jul 17, 2025

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort...
Critical | Unreviewed | CVE-2025-51630 was published Jul 17, 2025

The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to...
Critical | Unreviewed | CVE-2025-7712 was published Jul 17, 2025

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up...
Critical | Unreviewed | CVE-2025-5396 was published Jul 17, 2025

A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to...
Critical | Unreviewed | CVE-2025-34132 was published Jul 17, 2025

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a...
Critical | Unreviewed | CVE-2025-34127 was published Jul 17, 2025

An unauthenticated command injection vulnerability exists in the cookie handling process of the...
Critical | Unreviewed | CVE-2025-34125 was published Jul 17, 2025

A remote code execution vulnerability exists in multiple Netcore and Netis routers models with...
Critical | Unreviewed | CVE-2025-34117 was published Jul 16, 2025

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station...
Critical | Unreviewed | CVE-2025-34121 was published Jul 16, 2025

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,...
Critical | Unreviewed | CVE-2025-20337 was published Jul 16, 2025

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior...
Critical | Unreviewed | CVE-2025-34300 was published Jul 16, 2025

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce...
Critical | Unreviewed | CVE-2025-52836 was published Jul 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows...
Critical | Unreviewed | CVE-2025-48300 was published Jul 16, 2025

Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object...
Critical | Unreviewed | CVE-2025-30973 was published Jul 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-52714 was published Jul 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription...
Critical | Unreviewed | CVE-2025-29009 was published Jul 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-24759 was published Jul 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-28959 was published Jul 16, 2025

Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener allows...
Critical | Unreviewed | CVE-2025-28961 was published Jul 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-28982 was published Jul 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-30936 was published Jul 16, 2025

Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram allows Object...
Critical | Unreviewed | CVE-2025-30949 was published Jul 16, 2025

ProTip! Advisories are also available from the GraphQL API