Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

159,178 advisories

Loading
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58348 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58346 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58347 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58345 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58343 was published Feb 3, 2026
60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows... Moderate Unreviewed
CVE-2020-37111 was published Feb 3, 2026
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended... Moderate Unreviewed
CVE-2025-52627 was published Feb 3, 2026
A Potential Command Injection vulnerability in HCL AION.  An This can allow unintended command... Moderate Unreviewed
CVE-2025-52626 was published Feb 3, 2026
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive... Moderate Unreviewed
CVE-2020-37114 was published Feb 3, 2026
Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2019-25263 was published Feb 3, 2026
Online Inventory Manager 3.2 contains a stored cross-site scripting vulnerability in the group... Moderate Unreviewed
CVE-2019-25265 was published Feb 3, 2026
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized... Moderate Unreviewed
CVE-2019-25264 was published Feb 3, 2026
Apache Syncope: Console XXE on Keymaster parameters Moderate
CVE-2026-23795 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-console (Maven) Feb 3, 2026
Apache Syncope: Reflected XSS on Enduser Login Moderate
CVE-2026-23794 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui (Maven) Feb 3, 2026
DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users... Moderate Unreviewed
CVE-2020-37103 was published Feb 3, 2026
RustFS Logs Sensitive Credentials in Plaintext Moderate
CVE-2026-24762 was published for rustfs (Rust) Feb 3, 2026
cchheang Credited to cchheang
Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site... Moderate Unreviewed
CVE-2026-25015 was published Feb 3, 2026
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp... Moderate Unreviewed
CVE-2026-25011 was published Feb 3, 2026
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows... Moderate Unreviewed
CVE-2026-25019 was published Feb 3, 2026
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting... Moderate Unreviewed
CVE-2026-25010 was published Feb 3, 2026
Missing Authorization vulnerability in Mizan Themes Mizan Demo Importer mizan-demo-importer... Moderate Unreviewed
CVE-2026-25021 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows... Moderate Unreviewed
CVE-2026-25014 was published Feb 3, 2026
Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting... Moderate Unreviewed
CVE-2026-25016 was published Feb 3, 2026
Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows... Moderate Unreviewed
CVE-2026-25020 was published Feb 3, 2026
Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows... Moderate Unreviewed
CVE-2026-25012 was published Feb 3, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database