GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,029
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,115
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,710

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

305,739 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Weblate has improper validation upon invitation acceptance Low

CVE-2025-64725 was published for Weblate (pip) Dec 15, 2025

In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow... Moderate Unreviewed

CVE-2025-67906 was published Dec 15, 2025

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app... Low Unreviewed

CVE-2025-14019 was published Dec 15, 2025

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False... Moderate Unreviewed

CVE-2025-65430 was published Dec 15, 2025

The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar... Moderate Unreviewed

CVE-2025-14021 was published Dec 15, 2025

A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the... Moderate Unreviewed

CVE-2025-14016 was published Dec 4, 2025

WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability... High Unreviewed

CVE-2025-34506 was published Dec 12, 2025

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows... Moderate Unreviewed

CVE-2025-34504 was published Dec 12, 2025

A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8... High Unreviewed

CVE-2025-65472 was published Dec 11, 2025

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress.... Low Unreviewed

CVE-2020-9003 was published May 24, 2022

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of... Moderate Unreviewed

CVE-2025-38382 was published Jul 25, 2025

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN... High Unreviewed

CVE-2025-38385 was published Jul 25, 2025

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory... Moderate Unreviewed

CVE-2025-38384 was published Jul 25, 2025

A security issue exists due to improper handling of malformed CIP packets during fuzzing. The... High Unreviewed

CVE-2025-13824 was published Dec 15, 2025

TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via... Unknown Unreviewed

CVE-2025-55893 was published Dec 15, 2025

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information... Unknown Unreviewed

CVE-2025-66963 was published Dec 15, 2025

TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function... Moderate Unreviewed

CVE-2025-55901 was published Dec 15, 2025

An issue was discovered in Frappe ERPNext through 15.89.0. Function... Unknown Unreviewed

CVE-2025-66439 was published Dec 15, 2025

In grav <1.7.49.5, a SSRF (Server-Side Request Forgery) vector may be triggered via Twig... Unknown Unreviewed

CVE-2025-66844 was published Dec 15, 2025

A Server-Side Template Injection (SSTI) vulnerability exists in the Frappe ERPNext through 15.89... Unknown Unreviewed

CVE-2025-66438 was published Dec 15, 2025

An SSTI (Server-Side Template Injection) vulnerability exists in the get_contract_template method... Unknown Unreviewed

CVE-2025-66435 was published Dec 15, 2025

An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method... Unknown Unreviewed

CVE-2025-66437 was published Dec 15, 2025

An unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs... Unknown Unreviewed

CVE-2025-65742 was published Dec 15, 2025

An issue was discovered in Frappe ERPNext through 15.89.0. Function... Unknown Unreviewed

CVE-2025-66440 was published Dec 15, 2025

A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the... High Unreviewed

CVE-2025-13823 was published Dec 15, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

305,739 advisories