Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

130,791 advisories

Loading
OpenFGA Authorization Bypass Moderate
CVE-2025-48371 was published for github.com/openfga/openfga (Go) May 23, 2025
PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple... Moderate Unreviewed
CVE-2024-51103 was published May 23, 2025
DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline Moderate
CVE-2025-48378 was published for DotNetNuke.Core (NuGet) May 23, 2025
bdukes david-poindexter
valadas
Reflected Cross-Site Scripting (XSS) in module actions in edit mode Moderate
CVE-2025-48377 was published for DotNetNuke.Core (NuGet) May 23, 2025
bdukes david-poindexter
valadas
A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical.... Moderate Unreviewed
CVE-2025-5114 was published May 23, 2025
A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an... Moderate Unreviewed
CVE-2025-5109 was published May 23, 2025
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS)... Moderate Unreviewed
CVE-2018-25110 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-48275 was published May 23, 2025
An access control vulnerability was discovered in Grafana OSS where an Organization administrator... Moderate Unreviewed
CVE-2025-3580 was published May 23, 2025
A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-5108 was published May 23, 2025
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This... Moderate Unreviewed
CVE-2025-5112 was published May 23, 2025
A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5107 was published May 23, 2025
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.... Moderate Unreviewed
CVE-2025-5111 was published May 23, 2025
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this... Moderate Unreviewed
CVE-2025-5110 was published May 23, 2025
Missing Authorization vulnerability in Leadinfo Leadinfo allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-48271 was published May 23, 2025
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Path Traversal. This... Moderate Unreviewed
CVE-2025-47619 was published May 23, 2025
Missing Authorization vulnerability in UX Design Experts Experto CTA Widget – Call To... Moderate Unreviewed
CVE-2025-47529 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-46527 was published May 23, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46518 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-47513 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-46486 was published May 23, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46493 was published May 23, 2025
The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf... Moderate Unreviewed
CVE-2025-41378 was published May 23, 2025
Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This... Moderate Unreviewed
CVE-2025-41380 was published May 23, 2025
The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an... Moderate Unreviewed
CVE-2025-41379 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database