Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

24,636 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload... Critical Unreviewed
CVE-2025-26776 was published Feb 22, 2025
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider... Critical Unreviewed
CVE-2025-26763 was published Feb 22, 2025
External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti... Critical Unreviewed
CVE-2024-38657 was published Feb 21, 2025
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in... Critical Unreviewed
CVE-2025-25676 was published Feb 21, 2025
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter... Critical Unreviewed
CVE-2025-25678 was published Feb 21, 2025
Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via... Critical Unreviewed
CVE-2025-25674 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter... Critical Unreviewed
CVE-2025-25668 was published Feb 21, 2025
Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand... Critical Unreviewed
CVE-2025-25675 was published Feb 21, 2025
A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1... Critical Unreviewed
CVE-2024-54756 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the... Critical Unreviewed
CVE-2025-25667 was published Feb 21, 2025
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of... Critical Unreviewed
CVE-2025-25663 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter... Critical Unreviewed
CVE-2025-25664 was published Feb 21, 2025
Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter... Critical Unreviewed
CVE-2025-25662 was published Feb 21, 2025
An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an... Critical Unreviewed
CVE-2025-1265 was published Feb 20, 2025
Namada-apps allows Excessive Computation in Mempool Validation Critical
GHSA-f8qm-hmm3-fv7f was published for namada-apps (Rust) Feb 20, 2025
feliam
Namada-apps can Crash with Excessive Computation in Mempool Validation Critical
GHSA-82vg-5v4f-f9wq was published for namada-apps (Rust) Feb 20, 2025
feliam
Namada-apps allows Post-Genesis Validator Bypass Critical
GHSA-2gw2-qgjg-xh6p was published for namada-apps (Rust) Feb 20, 2025
XWiki Platform allows remote code execution as guest via SolrSearchMacros request Critical
CVE-2025-24893 was published for org.xwiki.platform:xwiki-platform-search-solr-ui (Maven) Feb 20, 2025
SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to... Critical Unreviewed
CVE-2024-57401 was published Feb 20, 2025
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter... Critical Unreviewed
CVE-2025-20059 was published Feb 20, 2025
DocsGPT Allows Remote Code Execution Critical
CVE-2025-0868 was published for docsgpt (npm) Feb 20, 2025
The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and... Critical Unreviewed
CVE-2024-13789 was published Feb 20, 2025
The application deserializes untrusted data without sufficiently verifying that the resulting... Critical Unreviewed
CVE-2024-37361 was published Feb 20, 2025
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access... Critical Unreviewed
CVE-2020-35546 was published Feb 19, 2025
Extreme Networks IQ Engine before 10.6r1a, and through 10.6r4 before 10.6r5, has a buffer... Critical Unreviewed
CVE-2023-46271 was published Feb 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database