Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

128,000 advisories

Loading
Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to... Moderate Unreviewed
CVE-2025-3193 was published Sep 27, 2025
A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this issue is some... Moderate Unreviewed
CVE-2025-11049 was published Sep 27, 2025
Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper... Moderate Unreviewed
CVE-2025-10954 was published Sep 27, 2025
A flaw has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file... Moderate Unreviewed
CVE-2025-11050 was published Sep 27, 2025
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-10498 was published Sep 27, 2025
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-10499 was published Sep 27, 2025
IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 is vulnerable to cross-site request forgery... Moderate Unreviewed
CVE-2024-43192 was published Sep 27, 2025
IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2025-36239 was published Sep 27, 2025
The Team Members plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the first... Moderate Unreviewed
CVE-2025-8440 was published Sep 27, 2025
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function... Moderate Unreviewed
CVE-2025-11047 was published Sep 27, 2025
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this... Moderate Unreviewed
CVE-2025-11048 was published Sep 27, 2025
In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid... Moderate Unreviewed
CVE-2025-21654 was published Jan 19, 2025
In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on... Moderate Unreviewed
CVE-2024-57924 was published Jan 19, 2025
In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on... Moderate Unreviewed
CVE-2024-57932 was published Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when... Moderate Unreviewed
CVE-2024-57921 was published Jan 19, 2025
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and... Moderate Unreviewed
CVE-2024-56706 was published Dec 28, 2024
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix... Moderate Unreviewed
CVE-2024-57889 was published Jan 15, 2025
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping... Moderate Unreviewed
CVE-2024-57885 was published Jan 15, 2025
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD... Moderate Unreviewed
CVE-2024-57883 was published Jan 15, 2025
Sourcecodester Employee Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via ... Moderate Unreviewed
CVE-2025-26258 was published Sep 26, 2025
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix avail_in... Moderate Unreviewed
CVE-2024-57923 was published Jan 19, 2025
An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active... Moderate Unreviewed
CVE-2025-45994 was published Sep 26, 2025
In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free... Moderate Unreviewed
CVE-2024-57884 was published Jan 15, 2025
Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute... Moderate Unreviewed
CVE-2025-29156 was published Sep 25, 2025
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a... Moderate Unreviewed
CVE-2025-29157 was published Sep 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database