GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,904
Maven: 5,000+
npm: 5,000+
NuGet: 967
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,374
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
126,194 advisories
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft...
High (Unreviewed): CVE-2023-53946 was published Dec 19, 2025
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in...
High (Unreviewed): CVE-2023-53945 was published Dec 19, 2025
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows...
High (Unreviewed): CVE-2023-53958 was published Dec 19, 2025
AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate...
High (Unreviewed): CVE-2023-53949 was published Dec 19, 2025
ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to...
High (Unreviewed): CVE-2023-53954 was published Dec 19, 2025
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute...
High (Unreviewed): CVE-2023-53959 was published Dec 19, 2025
ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address...
High (Unreviewed): CVE-2025-14809 was published Dec 19, 2025
EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows...
High (Unreviewed): CVE-2025-67442 was published Dec 19, 2025
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar...
High (Unreviewed): CVE-2025-14812 was published Dec 19, 2025
The Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths...
High (Unreviewed): CVE-2025-66905 was published Dec 19, 2025
Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial...
High (Unreviewed): CVE-2025-66909 was published Dec 19, 2025
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service ...
High (Unreviewed): CVE-2025-50681 was published Dec 19, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online...
High (Unreviewed): CVE-2025-1927 was published Dec 19, 2025
Apache NiFi GetAsanaObject Processor has Remote Code Execution via Unsafe Deserialization
High: CVE-2025-66524 was published for org.apache.nifi:nifi-asana-processors (Maven) Dec 19, 2025
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized...
High (Unreviewed): CVE-2025-14847 was published Dec 19, 2025
A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF...
High (Unreviewed): CVE-2025-66493 was published Dec 19, 2025
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1...
High (Unreviewed): CVE-2025-66494 was published Dec 19, 2025
A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when...
High (Unreviewed): CVE-2025-66499 was published Dec 19, 2025
A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025...
High (Unreviewed): CVE-2025-66495 was published Dec 19, 2025
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is...
High (Unreviewed): CVE-2025-13999 was published Dec 19, 2025
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS...
High (Unreviewed): CVE-2025-13008 was published Dec 19, 2025
A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service....
High (Unreviewed): CVE-2025-13941 was published Dec 19, 2025
A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify...
High (Unreviewed): CVE-2025-67843 was published Dec 19, 2025
Successful exploitation of the vulnerability could allow an attacker with local network access to...
High (Unreviewed): CVE-2025-52692 was published Dec 19, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High (Unreviewed): CVE-2025-11774 was published Dec 19, 2025
ProTip! Advisories are also available from the GraphQL API