Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,216 advisories

Loading
A vulnerability was found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of... Moderate Unreviewed
CVE-2025-11938 was published Oct 19, 2025
The Advanced Database Cleaner plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-11497 was published Oct 25, 2025
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server Moderate
CVE-2025-61620 was published for vllm (pip) Oct 7, 2025
key-moon Ga-ryo
ota42y Alnusjaponica Isotr0py DarkLight1337
Credited to key-moon, Ga-ryo, ota42y, Alnusjaponica, Isotr0py, and DarkLight1337
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized... Moderate Unreviewed
CVE-2010-3035 was published May 17, 2022
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session... Moderate Unreviewed
CVE-2009-2055 was published May 2, 2022
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to... Moderate Unreviewed
CVE-2013-3896 was published May 14, 2022
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat... Moderate Unreviewed
CVE-2010-1871 was published May 17, 2022
Microsoft WordPad Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36563 was published Oct 10, 2023
Assuming radio permission is gained, missing input validation in modem interface driver prior to... Moderate Unreviewed
CVE-2021-25489 was published May 24, 2022
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18... Moderate Unreviewed
CVE-2020-8195 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it... Moderate Unreviewed
CVE-2020-0618 was published May 24, 2022
Microsoft Word Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36761 was published Sep 12, 2023
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023... Moderate Unreviewed
CVE-2023-41266 was published Aug 30, 2023
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0... Moderate Unreviewed
CVE-2022-2856 was published Sep 27, 2022
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed
CVE-2021-38000 was published Nov 24, 2021
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP... Moderate Unreviewed
CVE-2016-8562 was published May 13, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... Moderate Unreviewed
CVE-2020-3452 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type... Moderate Unreviewed
CVE-2020-1020 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type... Moderate Unreviewed
CVE-2020-0938 was published May 24, 2022
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow... Moderate Unreviewed
CVE-2016-3718 was published May 14, 2022
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the... Moderate Unreviewed
CVE-2022-20350 was published Aug 11, 2022
A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is... Moderate Unreviewed
CVE-2025-8963 was published Aug 14, 2025
A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an... Moderate Unreviewed
CVE-2024-12387 was published Mar 20, 2025
A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection.... Moderate Unreviewed
CVE-2024-8251 was published Mar 20, 2025
gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion... Moderate Unreviewed
CVE-2024-10707 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database