Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,840
Erlang
36
GitHub Actions
33
Go
2,464
Maven
5,000+
npm
4,082
NuGet
723
pip
3,880
Pub
12
RubyGems
943
Rust
1,011
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,665 advisories

Loading
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield... Critical Unreviewed
CVE-2022-31491 was published Aug 22, 2025
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau... Critical Unreviewed
CVE-2025-26496 was published Aug 22, 2025
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a... Critical Unreviewed
CVE-2022-43110 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to... Critical Unreviewed
CVE-2024-53496 was published Aug 22, 2025
Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function... Critical Unreviewed
CVE-2025-55613 was published Aug 22, 2025
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated... Critical Unreviewed
CVE-2024-52786 was published Aug 22, 2025
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READ_STRING_SYSCALL. Critical Unreviewed
CVE-2025-29365 was published Aug 22, 2025
UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in... Critical Unreviewed
CVE-2009-10006 was published Aug 22, 2025
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-9254 was published Aug 22, 2025
Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer... Critical Unreviewed
CVE-2010-20122 was published Aug 21, 2025
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its... Critical Unreviewed
CVE-2010-20113 was published Aug 21, 2025
Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a... Critical Unreviewed
CVE-2010-20115 was published Aug 21, 2025
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate... Critical Unreviewed
CVE-2025-53795 was published Aug 21, 2025
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS... Critical Unreviewed
CVE-2025-3128 was published Aug 21, 2025
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-53763 was published Aug 21, 2025
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by... Critical Unreviewed
CVE-2010-20112 was published Aug 21, 2025
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the... Critical Unreviewed
CVE-2010-20121 was published Aug 21, 2025
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user... Critical Unreviewed
CVE-2025-52352 was published Aug 21, 2025
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8... Critical Unreviewed
CVE-2024-45438 was published Aug 21, 2025
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-52395 was published Aug 21, 2025
Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified... Critical Unreviewed
CVE-2025-34158 was published Aug 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a... Critical Unreviewed
CVE-2025-53251 was published Aug 21, 2025
sha.js is missing type checks leading to hash rewind and passing on crafted data Critical
CVE-2025-9288 was published for sha.js (npm) Aug 21, 2025
ChALkeR
cipher-base is missing type checks, leading to hash rewind and passing on crafted data Critical
CVE-2025-9287 was published for cipher-base (npm) Aug 21, 2025
ChALkeR ljharb
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database