GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
55,021 advisories
Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom...
High | Unreviewed | CVE-2025-30975 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-48151 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-48158 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-28977 was published Aug 20, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-48157 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-48154 was published Aug 20, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-48149 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-48159 was published Aug 20, 2025
An issue was discovered in Commvault before 11.36.60. A security vulnerability has been...
High | Unreviewed | CVE-2025-57790 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in...
High | Unreviewed | CVE-2025-8289 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in...
High | Unreviewed | CVE-2025-8145 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion...
High | Unreviewed | CVE-2025-8141 was published Aug 20, 2025
Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to...
High | Unreviewed | CVE-2025-9132 was published Aug 20, 2025
Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13,...
High | Unreviewed | CVE-2025-9185 was published Aug 19, 2025
'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability...
High | Unreviewed | CVE-2025-9182 was published Aug 19, 2025
'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects...
High | Unreviewed | CVE-2025-9180 was published Aug 19, 2025
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and...
High | Unreviewed | CVE-2025-9184 was published Aug 19, 2025
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in...
High | Unreviewed | CVE-2025-55029 was published Aug 19, 2025
Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows...
High | Unreviewed | CVE-2025-8450 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs...
High | Unreviewed | CVE-2025-38570 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb...
High | Unreviewed | CVE-2025-38574 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix double...
High | Unreviewed | CVE-2025-38582 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value...
High | Unreviewed | CVE-2025-38579 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after...
High | Unreviewed | CVE-2025-38580 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious...
High | Unreviewed | CVE-2025-38572 was published Aug 19, 2025
ProTip! Advisories are also available from the GraphQL API.