Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

300,133 advisories

Loading
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the deviceId parameter... Unknown Unreviewed
CVE-2025-63454 was published Oct 31, 2025
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in... Unknown Unreviewed
CVE-2025-63458 was published Oct 31, 2025
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a... High Unreviewed
CVE-2025-63561 was published Oct 31, 2025
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly... Unknown Unreviewed
CVE-2025-63563 was published Oct 31, 2025
When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will... High Unreviewed
CVE-2025-10693 was published Oct 31, 2025
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient... Moderate Unreviewed
CVE-2025-63562 was published Oct 31, 2025
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in... Critical Unreviewed
CVE-2025-64348 was published Oct 31, 2025
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-60711 was published Oct 31, 2025
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target... High Unreviewed
CVE-2025-64349 was published Oct 31, 2025
Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure... Moderate Unreviewed
CVE-2025-62267 was published Oct 31, 2025
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in... High Unreviewed
CVE-2025-62618 was published Oct 31, 2025
A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an... Moderate Unreviewed
CVE-2025-12546 was published Oct 31, 2025
A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability... Moderate Unreviewed
CVE-2025-12547 was published Oct 31, 2025
Agno session state overwrites between different sessions/users High
CVE-2025-64168 was published for agno (pip) Oct 31, 2025
JasonLovesDoggo
Credited to JasonLovesDoggo
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g... Unknown Unreviewed
CVE-2025-63459 was published Oct 31, 2025
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the wifiOff... Unknown Unreviewed
CVE-2025-63462 was published Oct 31, 2025
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g... Unknown Unreviewed
CVE-2025-63461 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the wifiOff... Unknown Unreviewed
CVE-2025-63463 was published Oct 31, 2025
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g... Unknown Unreviewed
CVE-2025-63460 was published Oct 31, 2025
If the value passed to os.path.expandvars() is user-controlled a performance degradation is... Low Unreviewed
CVE-2025-6075 was published Oct 31, 2025
Liferay Portal Vulnerable to Reflected XSS via the selectedLanguageId Parameter Moderate
CVE-2025-62264 was published for com.liferay.portal:release.portal.bom (Maven) Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63465 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid... High Unreviewed
CVE-2025-63464 was published Oct 31, 2025
Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Moderate Unreviewed
CVE-2025-12554 was published Oct 31, 2025
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password... Unknown Unreviewed
CVE-2025-63466 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database