Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

144,533 advisories

Loading
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the... Moderate Unreviewed
CVE-2025-29269 was published Dec 4, 2025
Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in... Moderate Unreviewed
CVE-2025-59788 was published Dec 4, 2025
Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2... Moderate Unreviewed
CVE-2025-63361 was published Dec 4, 2025
Due to a regression introduced in version 3.83.0, a security header is no longer applied to... Moderate Unreviewed
CVE-2025-13488 was published Dec 4, 2025
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the... Moderate Unreviewed
CVE-2025-14016 was published Dec 4, 2025
A vulnerability was identified in JIZHICMS up to 2.5.5. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-14013 was published Dec 4, 2025
Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for... Moderate Unreviewed
CVE-2025-12994 was published Dec 4, 2025
A vulnerability was determined in JIZHICMS up to 2.5.5. The affected element is the function... Moderate Unreviewed
CVE-2025-14012 was published Dec 4, 2025
A vulnerability was found in JIZHICMS up to 2.5.5. Impacted is the function commentlist of the... Moderate Unreviewed
CVE-2025-14011 was published Dec 4, 2025
ComposioHQ has a directory traversal vulnerability Moderate
CVE-2025-56427 was published for composio (pip) Dec 4, 2025
A stored cross-site scripting (XSS) vulnerability was discovered in Seafile Community Edition... Moderate Unreviewed
CVE-2025-65516 was published Dec 4, 2025
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3... Moderate Unreviewed
CVE-2025-8074 was published Dec 4, 2025
Central Dogma's Login Function Has an Open Redirect Vulnerability Moderate
CVE-2025-11222 was published for com.linecorp.centraldogma:centraldogma-server-auth-shiro (Maven) Dec 4, 2025
minwoox
Credited to minwoox
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write... Moderate Unreviewed
CVE-2025-2848 was published Dec 4, 2025
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this... Moderate Unreviewed
CVE-2025-14006 was published Dec 4, 2025
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of... Moderate Unreviewed
CVE-2025-14008 was published Dec 4, 2025
A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown... Moderate Unreviewed
CVE-2025-14004 was published Dec 4, 2025
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. Moderate Unreviewed
CVE-2025-29845 was published Dec 4, 2025
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image... Moderate Unreviewed
CVE-2025-29843 was published Dec 4, 2025
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata... Moderate Unreviewed
CVE-2025-29844 was published Dec 4, 2025
Improper control of dynamically-managed code resources vulnerability in WebAPI component in... Moderate Unreviewed
CVE-2024-5401 was published Dec 4, 2025
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-14005 was published Dec 4, 2025
Ansible Community General Collection is vulnerable to exposure of sensitive information Moderate
CVE-2025-14010 was published for ansible (pip) Dec 4, 2025
reanguiano
Credited to reanguiano
A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed
CVE-2025-41080 was published Dec 4, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed
CVE-2025-41079 was published Dec 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database