GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,606
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,831
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
156,463 advisories
A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality...
Moderate · Unreviewed · CVE-2025-14836 was published Dec 18, 2025
A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of...
Moderate · Unreviewed · CVE-2025-14837 was published Dec 18, 2025
projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2023-53906 was published Dec 18, 2025
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt...
Moderate · Unreviewed · CVE-2023-53911 was published Dec 18, 2025
WBCE CMS 1.6.1 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2023-53910 was published Dec 18, 2025
Rukovoditel 3.3.1 contains a CSV injection vulnerability that allows authenticated users to...
Moderate · Unreviewed · CVE-2023-53913 was published Dec 18, 2025
WBCE CMS 1.6.1 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2023-53909 was published Dec 18, 2025
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title...
Moderate · Unreviewed · CVE-2023-53918 was published Dec 18, 2025
Zenphoto 1.6 contains a stored cross-site scripting vulnerability in the user postal code field...
Moderate · Unreviewed · CVE-2023-53916 was published Dec 18, 2025
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title...
Moderate · Unreviewed · CVE-2023-53920 was published Dec 18, 2025
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox...
Moderate · Unreviewed · CVE-2023-53919 was published Dec 18, 2025
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2023-53915 was published Dec 18, 2025
ProjectSend r1605 contains a CSV injection vulnerability that allows authenticated users to...
Moderate · Unreviewed · CVE-2023-53905 was published Dec 18, 2025
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2023-53904 was published Dec 18, 2025
An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25...
Moderate · Unreviewed · CVE-2025-67794 was published Dec 18, 2025
A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected...
Moderate · Unreviewed · CVE-2025-14832 was published Dec 18, 2025
mcp-server-git has missing path validation when using --repository flag
Moderate · CVE-2025-68145 was published for mcp-server-git (pip) Dec 17, 2025
mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files
Moderate · CVE-2025-68144 was published for mcp-server-git (pip) Dec 17, 2025
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari...
Moderate · Unreviewed · CVE-2025-43541 was published Dec 17, 2025
The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2...
Moderate · Unreviewed · CVE-2025-46278 was published Dec 17, 2025
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal ...
Moderate · Unreviewed · CVE-2025-59849 was published Dec 17, 2025
An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1...
Moderate · Unreviewed · CVE-2025-67789 was published Dec 17, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and...
Moderate · Unreviewed · CVE-2025-46292 was published Dec 17, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS...
Moderate · Unreviewed · CVE-2025-46288 was published Dec 17, 2025
The issue was addressed with additional permissions checks. This issue is fixed in macOS Tahoe 26...
Moderate · Unreviewed · CVE-2025-46282 was published Dec 17, 2025
ProTip! Advisories are also available from the GraphQL API.