Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,887 advisories

Loading
PyMdown Extensions has a ReDOS bug in its Figure Capture extension Low
CVE-2025-68142 was published for pymdown-extensions (pip) Dec 16, 2025
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG... Low Unreviewed
CVE-2023-53900 was published Dec 16, 2025
PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows... Low Unreviewed
CVE-2023-53899 was published Dec 16, 2025
In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test Low Unreviewed
CVE-2025-68164 was published Dec 16, 2025
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project... Low Unreviewed
CVE-2025-68162 was published Dec 16, 2025
In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page Low Unreviewed
CVE-2025-68163 was published Dec 16, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in shinetheme Traveler Option... Low Unreviewed
CVE-2025-49300 was published Dec 16, 2025
An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The... Low Unreviewed
CVE-2025-55703 was published Dec 15, 2025
Weblate has improper validation upon invitation acceptance Low
CVE-2025-64725 was published for Weblate (pip) Dec 15, 2025
An Authentication Bypass vulnerability existed where the application bundled an interpreter ... Low Unreviewed
CVE-2025-14714 was published Dec 15, 2025
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app... Low Unreviewed
CVE-2025-14019 was published Dec 15, 2025
LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the... Low Unreviewed
CVE-2025-14023 was published Dec 15, 2025
Mayan EDMS has an Open Redirect through the /authentication/ file Low
CVE-2025-14692 was published for mayan-edms (pip) Dec 15, 2025
Mayan EDMS is vulnerable to XSS through the /authentication/ file Low
CVE-2025-14691 was published for mayan-edms (pip) Dec 15, 2025
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by... Low Unreviewed
CVE-2025-67899 was published Dec 15, 2025
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to... Low Unreviewed
CVE-2025-9218 was published Dec 13, 2025
A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this... Low Unreviewed
CVE-2025-14606 was published Dec 13, 2025
An information disclosure issue was addressed with improved privacy controls. This issue is fixed... Low Unreviewed
CVE-2025-43437 was published Dec 12, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3,... Low Unreviewed
CVE-2025-43518 was published Dec 12, 2025
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in... Low Unreviewed
CVE-2025-43532 was published Dec 12, 2025
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... Low Unreviewed
CVE-2025-43522 was published Dec 12, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
A parsing issue in the handling of directory paths was addressed with improved path validation.... Low Unreviewed
CVE-2025-43465 was published Dec 12, 2025
A session management issue was addressed with improved checks. This issue is fixed in macOS... Low Unreviewed
CVE-2025-43516 was published Dec 12, 2025
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15... Low Unreviewed
CVE-2025-43410 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database