Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

5,030 advisories

Loading
An improper input validation vulnerability is identified in the End of Life (EOL) OVA based... Moderate Unreviewed
CVE-2025-3837 was published Apr 21, 2025
Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low... Moderate Unreviewed
CVE-2025-26477 was published Apr 17, 2025
A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This... Moderate Unreviewed
CVE-2025-3677 was published Apr 16, 2025
A vulnerability, which was classified as critical, has been found in Xorbits Inference up to 1.4... Moderate Unreviewed
CVE-2025-3622 was published Apr 15, 2025
A vulnerability has been found in Adianti Framework up to 8.0 and classified as critical.... Moderate Unreviewed
CVE-2025-3590 was published Apr 15, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Extension... Moderate Unreviewed
CVE-2025-32077 was published Apr 11, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Visual Data... Moderate Unreviewed
CVE-2025-32076 was published Apr 11, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Tabs Extension... Moderate Unreviewed
CVE-2025-32075 was published Apr 11, 2025
Processing a file may lead to a denial-of-service or potentially disclose memory contents. This... Moderate Unreviewed
CVE-2023-42981 was published Apr 11, 2025
BlueCMS 1.6 suffers from Arbitrary File Deletion via the id parameter in an /publish.php?act=del... Moderate Unreviewed
CVE-2025-29150 was published Apr 10, 2025
IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform... Moderate Unreviewed
CVE-2023-43037 was published Apr 10, 2025
Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing Moderate
CVE-2025-31672 was published for org.apache.poi:poi-ooxml (Maven) Apr 9, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input... Moderate Unreviewed
CVE-2025-30293 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input... Moderate Unreviewed
CVE-2025-30294 was published Apr 8, 2025
Improper input validation in Dynamics Business Central allows an authorized attacker to disclose... Moderate Unreviewed
CVE-2025-29821 was published Apr 8, 2025
A vulnerability has been found in opplus springboot-admin up to... Moderate Unreviewed
CVE-2025-3413 was published Apr 8, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7.... Moderate Unreviewed
CVE-2025-3250 was published Apr 4, 2025
A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0. This affects the... Moderate Unreviewed
CVE-2025-3165 was published Apr 3, 2025
LMDeploy Improper Input Validation Vulnerability Moderate
CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52... Moderate Unreviewed
CVE-2025-3070 was published Apr 2, 2025
Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times Moderate
CVE-2025-31135 was published for github.com/phires/go-guerrilla (Go) Apr 1, 2025
Zenexer
The issue was addressed with improved validation of environment variables. This issue is fixed in... Moderate Unreviewed
CVE-2025-24191 was published Apr 1, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-2855 was published Mar 27, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform... Moderate Unreviewed
CVE-2025-20227 was published Mar 27, 2025
The Advanced iFrame plugin for WordPress is vulnerable to unauthorized excessive creation of... Moderate Unreviewed
CVE-2025-1440 was published Mar 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database