Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,486
Maven
5,000+
npm
4,104
NuGet
735
pip
3,918
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,392 advisories

Loading
Liferay Portal Login Bypass Vulnerability Low
CVE-2025-3639 was published for com.liferay.portal:release.portal.bom (Maven) Aug 18, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request... Low Unreviewed
CVE-2025-54234 was published Aug 18, 2025
Liferay Portal Vulnerable to Cross-Site Scripting Low
CVE-2025-43733 was published for com.liferay:com.liferay.layout.taglib (Maven) Aug 18, 2025
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing... Low Unreviewed
CVE-2024-49827 was published Aug 18, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/users.js Low
CVE-2025-9095 was published for express-gateway (npm) Aug 18, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/apps.js Low
CVE-2025-9096 was published for express-gateway (npm) Aug 18, 2025
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is... Low Unreviewed
CVE-2025-9091 was published Aug 17, 2025
Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability Low
CVE-2025-9092 was published for org.bouncycastle:bc-fips (Maven) Aug 16, 2025
A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this... Low Unreviewed
CVE-2017-20199 was published Aug 16, 2025
Template Secret leakage in logs in Scaffolder when using `fetch:template` Low
CVE-2025-55285 was published for @backstage/plugin-scaffolder-backend (npm) Aug 15, 2025
A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function... Low Unreviewed
CVE-2025-9019 was published Aug 15, 2025
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function... Low Unreviewed
CVE-2025-9020 was published Aug 15, 2025
The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery... Low Unreviewed
CVE-2025-8013 was published Aug 15, 2025
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2025-31961 was published Aug 15, 2025
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4... Low Unreviewed
CVE-2025-36613 was published Aug 14, 2025
Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory... Low Unreviewed
CVE-2025-36581 was published Aug 14, 2025
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user... Low Unreviewed
CVE-2025-8713 was published Aug 14, 2025
Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor... Low Unreviewed
CVE-2025-5941 was published Aug 14, 2025
An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1... Low Unreviewed
CVE-2025-2498 was published Aug 13, 2025
Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R)... Low Unreviewed
CVE-2025-24840 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-27707 was published Aug 12, 2025
Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an... Low Unreviewed
CVE-2025-32004 was published Aug 12, 2025
Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet... Low Unreviewed
CVE-2025-24511 was published Aug 12, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for... Low Unreviewed
CVE-2025-27576 was published Aug 12, 2025
Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to... Low Unreviewed
CVE-2025-22853 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database