GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,464
Erlang: 33
GitHub Actions: 22
Go: 2,163
Maven: 5,000+
npm: 3,821
NuGet: 696
pip: 3,502
Pub: 12
RubyGems: 909
Rust: 904
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
104,670 advisories
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct...
High | Unreviewed | CVE-2022-49623 was published Mar 12, 2025

Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2023 was published Mar 11, 2025

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2021 was published Mar 11, 2025

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2022 was published Mar 11, 2025

Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2012 was published Mar 11, 2025

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2015 was published Mar 11, 2025

Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution...
High | Unreviewed | CVE-2025-2019 was published Mar 11, 2025

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2018 was published Mar 11, 2025

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2017 was published Mar 11, 2025

Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2013 was published Mar 11, 2025

Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-2016 was published Mar 11, 2025

Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2025-2020 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in BCS Website Solutions Insert Code allows...
High | Unreviewed | CVE-2025-28932 was published Mar 11, 2025

Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution...
High | Unreviewed | CVE-2025-2014 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Terence D. Go To Top allows Stored XSS. This...
High | Unreviewed | CVE-2025-28922 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in philippe No Disposable Email allows Stored XSS...
High | Unreviewed | CVE-2025-28923 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B allows Stored XSS. This...
High | Unreviewed | CVE-2025-28933 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification allows...
High | Unreviewed | CVE-2025-28925 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in DevriX Hashtags allows Stored XSS. This issue...
High | Unreviewed | CVE-2025-28931 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables allows Stored XSS....
High | Unreviewed | CVE-2025-28883 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category...
High | Unreviewed | CVE-2025-28894 was published Mar 11, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-28895 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in jazzigor price-calc allows Stored XSS. This...
High | Unreviewed | CVE-2025-28891 was published Mar 11, 2025

Cross-Site Request Forgery (CSRF) vulnerability in a2rocklobster FTP Sync allows Stored XSS. This...
High | Unreviewed | CVE-2025-28892 was published Mar 11, 2025

ProTip! Advisories are also available from the GraphQL API.