Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

144,549 advisories

Loading
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3... Moderate Unreviewed
CVE-2025-8074 was published Dec 4, 2025
ComposioHQ has a directory traversal vulnerability Moderate
CVE-2025-56427 was published for composio (pip) Dec 4, 2025
A stored cross-site scripting (XSS) vulnerability was discovered in Seafile Community Edition... Moderate Unreviewed
CVE-2025-65516 was published Dec 4, 2025
Central Dogma's Login Function Has an Open Redirect Vulnerability Moderate
CVE-2025-11222 was published for com.linecorp.centraldogma:centraldogma-server-auth-shiro (Maven) Dec 4, 2025
minwoox
Credited to minwoox
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write... Moderate Unreviewed
CVE-2025-2848 was published Dec 4, 2025
A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown... Moderate Unreviewed
CVE-2025-14004 was published Dec 4, 2025
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. Moderate Unreviewed
CVE-2025-29845 was published Dec 4, 2025
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image... Moderate Unreviewed
CVE-2025-29843 was published Dec 4, 2025
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata... Moderate Unreviewed
CVE-2025-29844 was published Dec 4, 2025
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of... Moderate Unreviewed
CVE-2025-14008 was published Dec 4, 2025
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this... Moderate Unreviewed
CVE-2025-14006 was published Dec 4, 2025
Improper control of dynamically-managed code resources vulnerability in WebAPI component in... Moderate Unreviewed
CVE-2024-5401 was published Dec 4, 2025
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-14005 was published Dec 4, 2025
Ansible Community General Collection is vulnerable to exposure of sensitive information Moderate
CVE-2025-14010 was published for ansible (pip) Dec 4, 2025
reanguiano
Credited to reanguiano
A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed
CVE-2025-41079 was published Dec 4, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed
CVE-2025-41080 was published Dec 4, 2025
The Custom Post Type UI plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed
CVE-2025-12826 was published Dec 4, 2025
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization... Moderate Unreviewed
CVE-2025-12782 was published Dec 4, 2025
The WebP Express plugin for WordPress is vulnerable to information exposure via config files in... Moderate Unreviewed
CVE-2025-11379 was published Dec 4, 2025
The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `... Moderate Unreviewed
CVE-2025-13513 was published Dec 4, 2025
An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard... Moderate Unreviewed
CVE-2025-61727 was published Dec 3, 2025
Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v12_28, and commit... Moderate Unreviewed
CVE-2025-50361 was published Dec 3, 2025
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.7_rc1 allows an... Moderate Unreviewed
CVE-2025-13086 was published Dec 3, 2025
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0... Moderate Unreviewed
CVE-2025-63401 was published Dec 3, 2025
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to... Moderate Unreviewed
CVE-2025-63402 was published Dec 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database