GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
144,533 advisories
In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially...
Moderate
Unreviewed
CVE-2025-6725
was published
Jul 2, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-53493
was published
Jul 2, 2025
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENT_LENGTH...
Moderate
Unreviewed
CVE-2025-45029
was published
Jul 2, 2025
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: use...
Moderate
Unreviewed
CVE-2025-38092
was published
Jul 2, 2025
In the Linux kernel, the following vulnerability has been resolved:
arm64: dts: qcom: x1e80100:...
Moderate
Unreviewed
CVE-2025-38093
was published
Jul 2, 2025
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3...
Moderate
Unreviewed
CVE-2025-27026
was published
Jul 2, 2025
ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions
Moderate
CVE-2025-53359
was published
for
ethereum
(Rust)
Jul 2, 2025
The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2025-2330
was published
Jul 2, 2025
A vulnerability of plugin openid-connect in Apache APISIX.
This vulnerability will only have an...
Moderate
Unreviewed
CVE-2025-46647
was published
Jul 2, 2025
Lack or insufficient input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows...
Moderate
Unreviewed
CVE-2025-27023
was published
Jul 2, 2025
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows...
Moderate
Unreviewed
CVE-2025-27024
was published
Jul 2, 2025
Missing Authorization vulnerability in Mollie Mollie Payments for WooCommerce. This issue affects...
Moderate
Unreviewed
CVE-2025-39362
was published
Jul 2, 2025
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console...
Moderate
Unreviewed
CVE-2024-35164
was published
Jul 2, 2025
Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal...
Moderate
Unreviewed
CVE-2025-24328
was published
Jul 2, 2025
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2...
Moderate
Unreviewed
CVE-2025-6017
was published
Jul 2, 2025
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell...
Moderate
Unreviewed
CVE-2025-24333
was published
Jul 2, 2025
The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it...
Moderate
Unreviewed
CVE-2025-24331
was published
Jul 2, 2025
Sending a crafted SOAP "provision" operation message archive field within the Mobile Network...
Moderate
Unreviewed
CVE-2025-24329
was published
Jul 2, 2025
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network...
Moderate
Unreviewed
CVE-2025-24330
was published
Jul 2, 2025
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &...
Moderate
Unreviewed
CVE-2024-13451
was published
Jul 2, 2025
Cross-site scripting vulnerability exists in Active! mail 6 BuildInfo: 6.30.01004145 to 6.60...
Moderate
Unreviewed
CVE-2025-52462
was published
Jul 2, 2025
The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2025-6686
was published
Jul 2, 2025
The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2025-6687
was published
Jul 2, 2025
In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the...
Moderate
Unreviewed
CVE-2025-52925
was published
Jul 2, 2025
The WP Front-end login and register plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-11405
was published
Jul 2, 2025
ProTip! Advisories are also available from the GraphQL API.