Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,746
Maven
5,000+
npm
4,342
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

287 advisories

Loading
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into... High Unreviewed
CVE-2025-11713 was published Oct 14, 2025
A malicious page could have used the type attribute of an OBJECT tag to override the default... Moderate Unreviewed
CVE-2025-11712 was published Oct 14, 2025
There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient... Moderate Unreviewed
CVE-2025-46583 was published Oct 27, 2025
motionEye vulnerable to RCE via unsanitized motion config parameter High
CVE-2025-60787 was published for motioneye (pip) Nov 3, 2025
prabhatverma47 MichaIng
Credited to prabhatverma47 and MichaIng
A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This... High Unreviewed
CVE-2025-11085 was published Nov 11, 2025
A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with... Critical Unreviewed
CVE-2025-40547 was published Nov 18, 2025
Emails sent by pretix can utilize placeholders that will be filled with customer data. For... Low Unreviewed
CVE-2025-13742 was published Nov 27, 2025
A vulnerability exists in PX Enterprise whereby sensitive information may be logged under... High Unreviewed
CVE-2025-9127 was published Dec 4, 2025
Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF' High
CVE-2025-65959 was published for open-webui (npm) Dec 4, 2025
pyozzi-toss L2VE
Credited to pyozzi-toss and L2VE
SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send... Moderate Unreviewed
CVE-2025-42896 was published Dec 9, 2025
GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18... High Unreviewed
CVE-2025-8405 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18... Low Unreviewed
CVE-2025-12734 was published Dec 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database