GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
22,905 advisories
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
Critical
CVE-2025-49132
was published
for
pterodactyl/panel
(Composer)
Jun 19, 2025
PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
Low
CVE-2025-48059
was published
for
com.powsybl:powsybl-contingency-api
(Maven)
Jun 19, 2025
PowSyBl Core contains Polynomial REDoS’es
Moderate
CVE-2025-48058
was published
for
com.powsybl:powsybl-commons
(Maven)
Jun 19, 2025
PowSyBl Core allows deserialization of untrusted SparseMatrix data
High
CVE-2025-47771
was published
for
com.powsybl:powsybl-math
(Maven)
Jun 19, 2025
PowSyBl Core XML Reader allows XXE and SSRF
Low
CVE-2025-47293
was published
for
com.powsybl:powsybl-commons
(Maven)
Jun 19, 2025
urllib3 does not control redirects in browsers and Node.js
Moderate
CVE-2025-50182
was published
for
urllib3
(pip)
Jun 18, 2025
urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
Moderate
CVE-2025-50181
was published
for
urllib3
(pip)
Jun 18, 2025
OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer
Moderate
CVE-2025-50183
was published
for
@openlist-frontend/openlist-frontend
(npm)
Jun 18, 2025
OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal
Moderate
CVE-2025-5981
was published
for
github.com/google/osv-scalibr
(Go)
Jun 18, 2025
Withdrawn Advisory: microlight allows a denial of service
Low
CVE-2025-45526
was published
for
microlight
(npm)
Jun 17, 2025
•
withdrawn
ash_authentication_phoenix has Insufficient Session Expiration
Low
CVE-2025-4754
was published
for
ash_authentication_phoenix
(Erlang)
Jun 17, 2025
pycares has a Use-After-Free Vulnerability
Moderate
GHSA-5qpg-rh4j-qp35
was published
for
pycares
(pip)
Jun 16, 2025
ProTip!
Advisories are also available from the
GraphQL API