GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,318
Maven: 5,000+
npm: 3,950
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
131,213 advisories
CVE-2025-3919 (Moderate, Unreviewed, published Jun 3, 2025): The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized...
CVE-2025-47585 (Moderate, Unreviewed, published Jun 2, 2025): Missing Authorization vulnerability in Mage people team Booking and Rental Manager allows...
CVE-2025-49069 (Moderate, Unreviewed, published Jun 2, 2025): Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting Contact Forms by Cimatti...
CVE-2025-45387 (Moderate, Unreviewed, published Jun 2, 2025): osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in ...
CVE-2024-1440 (Moderate, Unreviewed, published Jun 2, 2025): An open redirection vulnerability exists in multiple WSO2 products due to improper validation of...
CVE-2024-8008 (Moderate, Unreviewed, published Jun 2, 2025): A reflected cross-site scripting (XSS) vulnerability exists in multiple [Vendor Name] products...
CVE-2024-7074 (Moderate, Unreviewed, published Jun 2, 2025): An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper...
CVE-2024-3509 (Moderate, Unreviewed, published Jun 2, 2025): A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple...
CVE-2024-7073 (Moderate, Unreviewed, published Jun 2, 2025): A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to...
CVE-2025-20297 (Moderate, Unreviewed, published Jun 2, 2025): In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions...
CVE-2025-23104 (Moderate, Unreviewed, published Jun 2, 2025): An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free...
CVE-2025-44115 (Moderate, Unreviewed, published Jun 2, 2025): A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the...
CVE-2024-40112 (Moderate, Unreviewed, published Jun 2, 2025): A Local File Inclusion (LFI) vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender...
CVE-2024-40113 (Moderate, Unreviewed, published Jun 2, 2025): Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default...
CVE-2024-40114 (Moderate, Unreviewed, published Jun 2, 2025): A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1...
CVE-2025-5447 (Moderate, Unreviewed, published Jun 2, 2025): A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013...
CVE-2025-37095 (Moderate, Unreviewed, published Jun 2, 2025): A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software.
CVE-2025-20001 (Moderate, Unreviewed, published Jun 2, 2025): An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially...
CVE-2025-44172 (Moderate, Unreviewed, published Jun 2, 2025): Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the...
CVE-2025-37090 (Moderate, Unreviewed, published Jun 2, 2025): A server-side request forgery vulnerability exists in HPE StoreOnce Software.
CVE-2025-37094 (Moderate, Unreviewed, published Jun 2, 2025): A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.
CVE-2025-5445 (Moderate, Unreviewed, published Jun 2, 2025): A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013...
CVE-2025-5446 (Moderate, Unreviewed, published Jun 2, 2025): A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013...
CVE-2025-46806 (Moderate, Unreviewed, published Jun 2, 2025): A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some...
CVE-2025-5444 (Moderate, Unreviewed, published Jun 2, 2025): A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0...
ProTip! Advisories are also available from the GraphQL API.