Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,781
Maven
5,000+
npm
4,386
NuGet
772
pip
4,164
Pub
12
RubyGems
965
Rust
1,073
Swift
45
Unreviewed advisories
All unreviewed
5,000+

116,472 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2025-22373 was published Apr 14, 2025
A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable... High Unreviewed
CVE-2025-32914 was published Apr 14, 2025
Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup High Unreviewed
CVE-2025-2160 was published Apr 14, 2025
Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup High Unreviewed
CVE-2025-2161 was published Apr 14, 2025
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a... High Unreviewed
CVE-2025-32907 was published Apr 14, 2025
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of... High Unreviewed
CVE-2025-32908 was published Apr 14, 2025
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is... High Unreviewed
CVE-2025-32913 was published Apr 14, 2025
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to... High Unreviewed
CVE-2025-32906 was published Apr 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS... High Unreviewed
CVE-2025-27009 was published Apr 14, 2025
Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is... High Unreviewed
CVE-2025-31344 was published Apr 14, 2025
The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set... High Unreviewed
CVE-2025-2563 was published Apr 14, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-3546 was published Apr 14, 2025
A vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up... High Unreviewed
CVE-2025-3543 was published Apr 14, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-3545 was published Apr 14, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-3544 was published Apr 14, 2025
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-3572 was published Apr 14, 2025
mholt/archiver Vulnerable to Path Traversal via Crafted ZIP File High
CVE-2025-3445 was published for github.com/mholt/archiver (Go) Apr 14, 2025
A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30... High Unreviewed
CVE-2025-3541 was published Apr 14, 2025
A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400... High Unreviewed
CVE-2025-3540 was published Apr 14, 2025
A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and... High Unreviewed
CVE-2025-3542 was published Apr 14, 2025
A vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic... High Unreviewed
CVE-2025-3539 was published Apr 14, 2025
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue... High Unreviewed
CVE-2025-3538 was published Apr 13, 2025
A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in... High Unreviewed
CVE-2024-56406 was published Apr 13, 2025
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0... High Unreviewed
CVE-2025-3418 was published Apr 12, 2025
CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows High
GHSA-f87w-3j5w-v58p was published for CefSharp.OffScreen (NuGet) Apr 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database