GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,890
Erlang: 37
GitHub Actions: 38
Go: 2,547
Maven: 5,000+
npm: 4,217
NuGet: 745
pip: 3,994
Pub: 12
RubyGems: 950
Rust: 1,038
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
139,678 advisories
ReNgine thru 2.2.0 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability in the...
Moderate | Unreviewed | CVE-2025-61319 was published Oct 10, 2025
Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an...
Moderate | Unreviewed | CVE-2025-8886 was published Oct 10, 2025
Stored cross-site scripting (XSS) vulnerability on the Membership page in Account Settings in...
Moderate | Unreviewed | CVE-2025-62238 was published Oct 10, 2025
Cross-site scripting (XSS) vulnerability in workflow process builder in Liferay Portal 7.4.3.21...
Moderate | Unreviewed | CVE-2025-62239 was published Oct 10, 2025
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive...
Moderate | Unreviewed | CVE-2025-8887 was published Oct 10, 2025
Stored cross-site scripting (XSS) vulnerability in Commerce’s view order page in Liferay Portal 7...
Moderate | Unreviewed | CVE-2025-62237 was published Oct 10, 2025
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters...
Moderate | Unreviewed | CVE-2025-60868 was published Oct 10, 2025
python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any...
Moderate | Unreviewed | CVE-2025-61152 was published Oct 10, 2025
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization...
Moderate | Unreviewed | CVE-2025-7374 was published Oct 10, 2025
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2025-7781 was published Oct 10, 2025
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading...
Moderate | Unreviewed | CVE-2025-11579 was published Oct 10, 2025
Reflected Cross-Site Scripting (XSS) in Xibo CMS v4.1.2 from Xibo Signage, due to a lack of...
Moderate | Unreviewed | CVE-2025-41089 was published Oct 10, 2025
A Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability in HCL AION. This issue...
Moderate | Unreviewed | CVE-2025-52632 was published Oct 10, 2025
A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly...
Moderate | Unreviewed | CVE-2025-52624 was published Oct 10, 2025
Stored Cross-Site Scripting (XSS) in Xibo Signage's Xibo CMS v4.1.2, due to a lack of proper...
Moderate | Unreviewed | CVE-2025-41088 was published Oct 10, 2025
Insertion of sensitive information in log file in Elasticsearch can lead to loss of...
Moderate | Unreviewed | CVE-2025-37727 was published Oct 10, 2025
In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authenticated low-privileged users...
Moderate | Unreviewed | CVE-2025-62292 was published Oct 10, 2025
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local...
Moderate | Unreviewed | CVE-2025-21070 was published Oct 10, 2025
Stored Cross-Site Scripting (XSS) vulnerability in Energy CRM v2025 by Status Tracker Ltd,...
Moderate | Unreviewed | CVE-2025-40640 was published Oct 10, 2025
Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63...
Moderate | Unreviewed | CVE-2025-21069 was published Oct 10, 2025
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows...
Moderate | Unreviewed | CVE-2025-21055 was published Oct 10, 2025
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025...
Moderate | Unreviewed | CVE-2025-21053 was published Oct 10, 2025
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63...
Moderate | Unreviewed | CVE-2025-21068 was published Oct 10, 2025
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025...
Moderate | Unreviewed | CVE-2025-21051 was published Oct 10, 2025
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so...
Moderate | Unreviewed | CVE-2025-21052 was published Oct 10, 2025
ProTip! Advisories are also available from the GraphQL API