Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,675
Maven
5,000+
npm
4,297
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,732 advisories

Loading
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2025-53064 was published Oct 21, 2025
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control... Moderate Unreviewed
CVE-2025-52079 was published Oct 21, 2025
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle... Moderate Unreviewed
CVE-2025-50075 was published Oct 21, 2025
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Moderate Unreviewed
CVE-2025-53035 was published Oct 21, 2025
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart).... Moderate Unreviewed
CVE-2025-53041 was published Oct 21, 2025
LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a... Moderate Unreviewed
CVE-2025-60427 was published Oct 21, 2025
In Samsung Mobile Processor and Wearable Processor Exynos 980, 1280, 1330, 1380, 1480, 2400, 1580... Moderate Unreviewed
CVE-2025-48025 was published Oct 20, 2025
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The... Moderate Unreviewed
CVE-2025-11908 was published Oct 17, 2025
Strapi core vulnerable to sensitive data exposure via CORS misconfiguration Moderate
CVE-2025-53092 was published for @strapi/core (npm) Oct 16, 2025
ghostvirus62 derrickmehaffy
alexandrebodin innerdvations
Credited to ghostvirus62, derrickmehaffy, alexandrebodin, and innerdvations
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7... Moderate Unreviewed
CVE-2025-43313 was published Oct 15, 2025
Improper access control in Microsoft Windows Search Component allows an authorized attacker to... Moderate Unreviewed
CVE-2025-59253 was published Oct 14, 2025
An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in... Moderate Unreviewed
CVE-2025-54603 was published Oct 14, 2025
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller... Moderate Unreviewed
CVE-2025-37142 was published Oct 14, 2025
An arbitrary file download vulnerability exists in the web-based management interface of AOS-10... Moderate Unreviewed
CVE-2025-37143 was published Oct 14, 2025
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller... Moderate Unreviewed
CVE-2025-37141 was published Oct 14, 2025
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an... Moderate Unreviewed
CVE-2025-37137 was published Oct 14, 2025
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an... Moderate Unreviewed
CVE-2025-37136 was published Oct 14, 2025
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an... Moderate Unreviewed
CVE-2025-37135 was published Oct 14, 2025
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller... Moderate Unreviewed
CVE-2025-37140 was published Oct 14, 2025
Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to... Moderate Unreviewed
CVE-2025-0033 was published Oct 14, 2025
Links in a sandboxed iframe could open an external app on Android without the required "allow-"... Moderate Unreviewed
CVE-2025-11716 was published Oct 14, 2025
Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if... Moderate Unreviewed
CVE-2025-27258 was published Oct 13, 2025
A vulnerability has been found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11660 was published Oct 13, 2025
A vulnerability was detected in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11658 was published Oct 13, 2025
A flaw has been found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11659 was published Oct 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database