Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

482 advisories

Loading
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates ... High Unreviewed
CVE-2025-41255 was published Jun 26, 2025
NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s... Moderate Unreviewed
CVE-2025-23260 was published Jun 26, 2025
A vulnerability classified as problematic was found in NOYAFA/Xiami LF9 Pro up to 20250611.... Moderate Unreviewed
CVE-2025-6532 was published Jun 26, 2025
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This... Moderate Unreviewed
CVE-2025-6525 was published Jun 26, 2025
A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611.... Low Unreviewed
CVE-2025-6527 was published Jun 26, 2025
A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0.... Moderate Unreviewed
CVE-2025-6702 was published Jun 26, 2025
A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as... Moderate Unreviewed
CVE-2025-6531 was published Jun 26, 2025
New authd users logging in via SSH are members of the root group Moderate
CVE-2025-5689 was published for github.com/ubuntu/authd (Go) Jun 16, 2025
A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410... Moderate Unreviewed
CVE-2025-6099 was published Jun 16, 2025
XWiki allows privilege escalation through link refactoring High
CVE-2025-49580 was published for org.xwiki.platform:xwiki-platform-refactoring-default (Maven) Jun 13, 2025
An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM... Moderate Unreviewed
CVE-2025-4228 was published Jun 13, 2025
Hashicorp Nomad Incorrect Privilege Assignment vulnerability High
CVE-2025-4922 was published for github.com/hashicorp/nomad (Go) Jun 11, 2025
dduzgun-security
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for... Critical Unreviewed
CVE-2025-48129 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allows Privilege Escalation.... High Unreviewed
CVE-2025-47561 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation.... High Unreviewed
CVE-2025-23974 was published Jun 9, 2025
Duplicate Advisory: users may append `root` to group listings High
GHSA-jq8x-v7jw-v675 was published for users (Rust) Jun 6, 2025 withdrawn
Vulnerability of improper permission assignment in the note sharing module Impact: Successful... High Unreviewed
CVE-2025-48911 was published Jun 6, 2025
A vulnerability classified as critical has been found in SourceCodester Student Result Management... Moderate Unreviewed
CVE-2025-5649 was published Jun 5, 2025
users may append `root` to group listings High
CVE-2025-5791 was published for users (Rust) Jun 5, 2025
An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the ... Moderate Unreviewed
CVE-2025-46203 was published Jun 4, 2025
An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course... Moderate Unreviewed
CVE-2025-46204 was published Jun 4, 2025
A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to... Moderate Unreviewed
CVE-2025-5522 was published Jun 3, 2025
A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to... Moderate Unreviewed
CVE-2025-5511 was published Jun 3, 2025
A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability... Moderate Unreviewed
CVE-2025-5429 was published Jun 2, 2025
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an... Moderate Unreviewed
CVE-2025-5428 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database