Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,638
Erlang
34
GitHub Actions
26
Go
2,249
Maven
5,000+
npm
3,903
NuGet
702
pip
3,671
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

106,673 advisories

Loading
The FileWave Windows client before 16.0.0, in some non-default configurations, allows an... High Unreviewed
CVE-2025-43922 was published Apr 21, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2025-23174 was published Apr 21, 2025
Infinite loop condition in Amazon.IonDotnet High
CVE-2025-3857 was published for Amazon.IonDotnet (NuGet) Apr 21, 2025
Traefik has a possible vulnerability with the path matchers High
CVE-2025-32431 was published for github.com/traefik/traefik (Go) Apr 21, 2025
An improper authorization vulnerability in Dremio Software allows authenticated users to delete... High Unreviewed
CVE-2025-2298 was published Apr 21, 2025
In Soffid Console 3.5.38 before 3.5.39, necessary checks were not applied to some Java objects. A... High Unreviewed
CVE-2025-32408 was published Apr 21, 2025
A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or... High Unreviewed
CVE-2025-29625 was published Apr 21, 2025
GoBGP panics due to a zero value for softwareVersionLen High
CVE-2025-43971 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use... High Unreviewed
CVE-2025-37838 was published Apr 20, 2025
A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as... High Unreviewed
CVE-2025-3820 was published Apr 19, 2025
In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate... High Unreviewed
CVE-2025-43917 was published Apr 19, 2025
A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as... High Unreviewed
CVE-2025-3803 was published Apr 19, 2025
A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared... High Unreviewed
CVE-2025-3802 was published Apr 19, 2025
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3404 was published Apr 19, 2025
The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon... High Unreviewed
CVE-2025-3103 was published Apr 19, 2025
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed
CVE-2025-3809 was published Apr 19, 2025
The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker... High Unreviewed
CVE-2024-13926 was published Apr 19, 2025
The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed
CVE-2025-2111 was published Apr 19, 2025
The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is... High Unreviewed
CVE-2025-2010 was published Apr 19, 2025
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8... High Unreviewed
CVE-2025-24914 was published Apr 18, 2025
youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization High
GHSA-22fp-mf44-f2mq was published for youtube-dl (pip) Apr 18, 2025
pukkandan JarLob
Grub4K dirkf
Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability High
CVE-2025-22868 was published for github.com/traefik/traefik/v2 (Go) Apr 18, 2025
adregbr
A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue... High Unreviewed
CVE-2025-3786 was published Apr 18, 2025
A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This... High Unreviewed
CVE-2025-3785 was published Apr 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-39469 was published Apr 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database