Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,781
Maven
5,000+
npm
4,386
NuGet
772
pip
4,164
Pub
12
RubyGems
965
Rust
1,073
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,945 advisories

Loading
SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key Low
CVE-2025-15107 was published for github.com/actiontech/sqle (Go) Dec 27, 2025
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker:... Low Unreviewed
CVE-2023-23985 was published Apr 24, 2024
KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe... Low Unreviewed
CVE-2025-69412 was published Jan 1, 2026
ImageMagick has a heap-buffer-overflow Low
CVE-2025-68469 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
hardik05
Credited to hardik05
Composer is vulnerable to ANSI sequence injection Low
CVE-2025-67746 was published for composer/composer (Composer) Dec 30, 2025
cs278
Credited to cs278
Temporal has a namespace policy bypass allowing requests to be authorized for incorrect contexts Low
CVE-2025-14986 was published for go.temporal.io/server (Go) Dec 30, 2025
An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26... Low Unreviewed
CVE-2025-66861 was published Dec 29, 2025
pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a... Low Unreviewed
CVE-2025-11961 was published Dec 31, 2025
On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message... Low Unreviewed
CVE-2025-11964 was published Dec 31, 2025
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function... Low Unreviewed
CVE-2025-15122 was published Dec 28, 2025
A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the... Low Unreviewed
CVE-2025-15120 was published Dec 28, 2025
A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the... Low Unreviewed
CVE-2025-15126 was published Dec 28, 2025
A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function... Low Unreviewed
CVE-2025-15125 was published Dec 28, 2025
A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function... Low Unreviewed
CVE-2025-15124 was published Dec 28, 2025
A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the... Low Unreviewed
CVE-2025-15123 was published Dec 28, 2025
URI Credential Leakage Bypass over CVE-2025-27221 Low
CVE-2025-61594 was published for uri (RubyGems) Dec 30, 2025
Emails sent by pretix can utilize placeholders that will be filled with customer data. For... Low Unreviewed
CVE-2025-13742 was published Nov 27, 2025
Missing Authorization vulnerability in Automattic Crowdsignal Forms crowdsignal-forms allows... Low Unreviewed
CVE-2025-69015 was published Dec 30, 2025
Pterodactyl has a Reflected XSS vulnerability in “Create New Database Host” Low
GHSA-mgr9-6c2j-jxrq was published for pterodactyl/panel (Composer) Dec 30, 2025
4rdr
Credited to 4rdr
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of... Low Unreviewed
CVE-2025-15242 was published Dec 30, 2025
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function... Low Unreviewed
CVE-2025-15222 was published Dec 30, 2025
A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing... Low Unreviewed
CVE-2025-15141 was published Dec 28, 2025
A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function... Low Unreviewed
CVE-2025-15119 was published Dec 28, 2025
A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function... Low Unreviewed
CVE-2025-15117 was published Dec 28, 2025
Open redirect endpoint in Datasette Low
CVE-2025-64481 was published for datasette (pip) Nov 6, 2025
jamesjefferies
Credited to jamesjefferies
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database