Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,670 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Naren Members page only for logged in users... High Unreviewed
CVE-2025-28901 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Steveorevo Domain Theme allows Stored XSS.... High Unreviewed
CVE-2025-28897 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in webgarb TabGarb Pro allows Stored XSS. This... High Unreviewed
CVE-2025-28900 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables allows Stored XSS.... High Unreviewed
CVE-2025-28883 was published Mar 11, 2025
Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-27173 was published Mar 11, 2025
Substance3D - Modeler versions 1.15.0 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-27181 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed... High Unreviewed
CVE-2025-28860 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankchecker.io Integration allows... High Unreviewed
CVE-2025-28857 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Persian Datepicker allows... High Unreviewed
CVE-2025-28861 was published Mar 11, 2025
A Cross-Site Request Forgery (CSRF) in the component /admin/users/user.form of Openmrs 2.4.3... High Unreviewed
CVE-2025-25928 was published Mar 11, 2025
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A... High Unreviewed
CVE-2025-23242 was published Mar 11, 2025
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal... High Unreviewed
CVE-2025-23360 was published Mar 11, 2025
Below has Incorrect Permission Assignment for Critical Resource High
CVE-2025-27591 was published for below (Rust) Mar 11, 2025
mgerstner
Arbitrary Code Execution via Crafted Keras Config for Model Loading High
CVE-2025-1550 was published for keras (pip) Mar 11, 2025
io-no
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability High
CVE-2025-24070 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Mar 11, 2025
The SimpleSAMLphp SAML2 library incorrectly verifies signatures for HTTP-Redirect binding High
CVE-2025-27773 was published for simplesamlphp/saml2 (Composer) Mar 11, 2025
ahacker1-securesaml ZeiP
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow... High Unreviewed
CVE-2025-27168 was published Mar 11, 2025
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-27169 was published Mar 11, 2025
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer... High Unreviewed
CVE-2025-27171 was published Mar 11, 2025
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-27166 was published Mar 11, 2025
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-27178 was published Mar 11, 2025
Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a... High Unreviewed
CVE-2025-27174 was published Mar 11, 2025
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-27175 was published Mar 11, 2025
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer... High Unreviewed
CVE-2025-27177 was published Mar 11, 2025
Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an... High Unreviewed
CVE-2025-27440 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database