GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,740
Maven: 5,000+
npm: 4,338
NuGet: 765
pip: 4,112
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
115,231 advisories
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34423 was published Dec 10, 2025

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI...
High | Unreviewed | CVE-2025-67635 was published Dec 10, 2025

An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before...
High | Unreviewed | CVE-2025-65803 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34422 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34421 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34424 was published Dec 10, 2025

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,...
High | Unreviewed | CVE-2025-34395 was published Dec 10, 2025

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the...
High | Unreviewed | CVE-2025-34410 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34418 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34417 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34419 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34420 was published Dec 10, 2025

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34416 was published Dec 10, 2025

ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)
High | CVE-2025-66628 was published for Magick.NET-Q16-AnyCPU (NuGet) Dec 10, 2025

XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection
High | CVE-2025-66474 was published for org.xwiki.rendering:xwiki-rendering-xml (Maven) Dec 10, 2025

XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis
High | CVE-2025-66473 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Dec 10, 2025

An improper permissions vulnerability was reported in Lenovo Baiying Client that could allow a...
High | Unreviewed | CVE-2025-13155 was published Dec 10, 2025

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal...
High | Unreviewed | CVE-2025-13152 was published Dec 10, 2025

Gogs vulnerable to a bypass of CVE-2024-55947
High | CVE-2025-8110 was published for gogs.io/gogs (Go) Dec 10, 2025

Due to improper BLE security configurations on the device's GATT server, an adjacent...
High | Unreviewed | CVE-2024-2104 was published Dec 10, 2025

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser...
High | Unreviewed | CVE-2025-12046 was published Dec 10, 2025

A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low...
High | Unreviewed | CVE-2025-7073 was published Dec 10, 2025

The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version <=...
High | Unreviewed | CVE-2025-14390 was published Dec 10, 2025

An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account()...
High | Unreviewed | CVE-2025-41730 was published Dec 10, 2025

Direct Object Reference Vulnerability (IDOR) in i2A's CronosWeb, in versions prior to 25.00.00.12...
High | Unreviewed | CVE-2025-41358 was published Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API