HOME
ABOUT
- RESULTS
- differences
- BENEFITS
- HISTORY
- TEAM
- LOCATION
- FACILITIES
- BANKING
- MEMBERSHIPS
- APPROVALS
- LICENCES
- SUPPLIERS
- SPONSORSHIPS
- MEDIA
- PRIVACY
AUCTIONS
SHIPPING
FEES
- TS REWARDS
TOOLS
guides
FAQ
CONTACT
- CONNECT

VEHICLES
BRAND
- JAPANESE CARS
  - DAIHATSU
  - EUNOS
  - FORD
  - HONDA
  - ISUZU
  - LEXUS
  - MAZDA
  - MITSUBISHI
  - MITSUOKA
  - NISSAN
  - SUBARU
  - SUZUKI
  - TOYOTA
- GERMAN CARS
- AMERICAN CARS
- BRITISH CARS
- ITALIAN CARS
- FRENCH CARS
- SWEDISH CARS
- KOREAN CARS
TYPE
- mobility
- VENDING
- instruction
- TAXIS
- AMBULANCES
- FIRE ENGINES
- HEARSES
- LIMOUSINES
- COMMERCIAL
CLASS
FUEL
TRUCKS
minitrucks
- DAIHATSU
- HONDA
- MAZDA
- MITSUBISHI
- NISSAN
- SUBARU
- SUZUKI
- DUMP
- CRANE
- CAMPER
- REFRIGERATED
- 4WD
- NEW
BUSES
MOTORHOMES
- YAHOO!
- RAKUTEN
- DEALER

PARTS
- FREE REPORT
- PARTS CONTAINERS
- PARTS SYSTEMS
- PARTS PROTECTION
- BODY SHELLS
- DISMANTLING
- ONLINE PARTS
- NEW PARTS
- INTERIOR PARTS
- EXTERIOR PARTS
  - BONNETS
  - BUMPERS
  - GRILLES
  - FENDERS
  - DOORS
  - TRUNKS
  - SPOILERS
  - LIGHTS
  - EMBLEMS
  - CAMERAS
- ENGINES
- TRANSMISSIONS
- WHEELS & TYRES
  - WHEELS
  - TYRES
CUTS
PERFORMANCE PARTS
TRUCK PARTS
MOTORBIKE PARTS
- MOTORBIKE ENGINES
- MOTORBIKE ACCESSORIES

MOTORBIKES
MARINE
FORKLIFTS
MACHINERY
AGRICULTURAL
OTHER
COUNTRY
- AUSTRALIA
- CANADA
- KENYA
- MYANMAR
- NEW ZEALAND
- PAKISTAN
- TANZANIA
- UNITED STATES

CARVIEW

MOTORHOMES

Select Language

HTTP/2 302 date: Fri, 25 Jul 2025 08:15:29 GMT content-type: text/plain;charset=UTF-8 content-length: 20 location: https://github.com/advisories cf-ray: 964a35aeab9b860e-BLR cf-cache-status: HIT cache-control: public, max-age=14400 strict-transport-security: max-age=31536000; includeSubDomains; preload vary: x-requested-with, x-spiferack, Accept-Encoding content-security-policy: connect-src 'self' checkout.stripe.com https://checkout.stripe.com https://billing.stripe.com/session https://api.funcaptcha.com https://api.arkoselabs.com sentry.io api.github.com www.npmjs.com;default-src 'none';img-src * data: https://*.stripe.com;script-src 'self' data: 'unsafe-inline' https://checkout.stripe.com/checkout.js https://checkout.stripe.com https://js.stripe.com/v3 https://platform.twitter.com/widgets.js https://octocaptcha.com https://static-production.npmjs.com/;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static-production.npmjs.com/;frame-src checkout.stripe.com https://checkout.stripe.com https://js.stripe.com/ https://octocaptcha.com;font-src https://fonts.gstatic.com https://static-production.npmjs.com/ ;media-src https://player.vimeo.com https://fpdl.vimeocdn.com https://gcs-vimeo.akamaized.net https://vod-progressive.akamaized.net npm-cost: 1 npm-remaining: 99 x-content-security-policy: connect-src 'self' checkout.stripe.com https://checkout.stripe.com https://billing.stripe.com/session https://api.funcaptcha.com https://api.arkoselabs.com sentry.io api.github.com www.npmjs.com;default-src 'none';img-src * data: https://*.stripe.com;script-src 'self' data: 'unsafe-inline' https://checkout.stripe.com/checkout.js https://checkout.stripe.com https://js.stripe.com/v3 https://platform.twitter.com/widgets.js https://octocaptcha.com https://static-production.npmjs.com/;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static-production.npmjs.com/;frame-src checkout.stripe.com https://checkout.stripe.com https://js.stripe.com/ https://octocaptcha.com;font-src https://fonts.gstatic.com https://static-production.npmjs.com/ ;media-src https://player.vimeo.com https://fpdl.vimeocdn.com https://gcs-vimeo.akamaized.net https://vod-progressive.akamaized.net x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block set-cookie: __cf_bm=nFLzsNimZXLdPdIitF.OnkQdH80GC0w_nIpI5yHAK78-1753431329-1.0.1.1-4F9v7OjSzDNREic2vpuZv4CRTv5Xj6aTUpmobNYfuGFxlONxAx4zEI6cvgoIOuxOIQcqmYaa8r24d_K5mjue6dvlhjrA14ygTDCLNgxc65s; path=/; expires=Fri, 25-Jul-25 08:45:29 GMT; domain=.npmjs.com; HttpOnly; Secure; SameSite=None server: cloudflare HTTP/2 200 date: Fri, 25 Jul 2025 08:15:29 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With etag: W/"7d140a296f081d96109d746436404618" cache-control: max-age=0, private, must-revalidate strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/ server: github.com content-encoding: gzip accept-ranges: bytes set-cookie: _gh_sess=KTTmVoi5LdUk0TdA5rgdx4UCPFUX%2Fyf402W%2FqcL6ulGa2lxcw7OTsLcz7vJpE2Z3slomIMp09UjtidgJ1CZZgrE%2BJirBbXO0FLnhQ8hZoQdeM9Bc45eQOwJQu5Ted%2F6U86CGUYPZVVnDs%2FlenRTuqoDpsWEq5ypMi1WPSw7TcsuKUSQ98J1i5atb1uX1ROCMXH88gN91Ad%2B0ueTMuGrW0E8kxs5HfvL8UW5SnCfHdWZesp5oxEGSEmwG84XVPU5UEmvyMa3y10qZrdmydJwbYQ%3D%3D--X29rnxGxBzKL6D65--PVHU5yJevGK2dGtImNq8NA%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax set-cookie: _octo=GH1.1.1476715215.1753431329; Path=/; Domain=github.com; Expires=Sat, 25 Jul 2026 08:15:29 GMT; Secure; SameSite=Lax set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sat, 25 Jul 2026 08:15:29 GMT; HttpOnly; Secure; SameSite=Lax x-github-request-id: D00C:1D2B8F:5255B9:637CE8:68833D21 GitHub Advisory Database · GitHub

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

Appearance settings

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,254
Composer 4,810
Erlang 36
GitHub Actions 31
Go 2,396
Maven 5,778
npm 4,030
NuGet 721
pip 3,820
Pub 12
RubyGems 932
Rust 988
Swift 38

Unreviewed advisories

All unreviewed 263,609

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

23,254 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical

CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025

eKuiper API endpoints handling SQL queries with user-controlled table names. High

CVE-2025-54379 was published for github.com/lf-edge/ekuiper/v2 (Go) Jul 24, 2025

ImageMagick has XMP profile write that triggers hang due to unbounded loop High

CVE-2025-53015 was published for Magick.NET-Q16-AnyCPU (NuGet) Jul 23, 2025

Mezzanine CMS vulnerable to Cross-site Scripting Moderate

CVE-2025-50481 was published for Mezzanine (pip) Jul 23, 2025

Withdrawn Advisory: Axios has Transitive Critical Vulnerability via form-data High

CVE-2025-54371 was published for axios (npm) Jul 23, 2025 • withdrawn

Possible ORM Leak Vulnerability in the Harbor Moderate

CVE-2025-30086 was published for github.com/goharbor/harbor (Go) Jul 23, 2025

FastAPI Guard has a regex bypass High

CVE-2025-54365 was published for fastapi-guard (pip) Jul 23, 2025

Harbor repository description page has Cross-site Scripting vulnerability Moderate

CVE-2025-32019 was published for github.com/goharbor/harbor (Go) Jul 23, 2025

files-bucket-server vulnerable to Directory Traversal High

CVE-2025-8021 was published for files-bucket-server (npm) Jul 23, 2025

private-ip vulnerable to Server-Side Request Forgery High

CVE-2025-8020 was published for private-ip (npm) Jul 23, 2025

bun vulnerable to OS Command Injection High

CVE-2025-8022 was published for bun (npm) Jul 23, 2025

Ollama vulnerable to Cross-Domain Token Exposure Moderate

CVE-2025-51471 was published for github.com/ollama/ollama (Go) Jul 22, 2025

Dagster Local File Inclusion vulnerability Moderate

CVE-2025-51481 was published for dagster (pip) Jul 22, 2025

Aim vulnerable to Cross-site Scripting Moderate

CVE-2025-51464 was published for aim (pip) Jul 22, 2025

Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources High

CVE-2025-53942 was published for goauthentik.io (Go) Jul 22, 2025

Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service High

CVE-2025-47281 was published for github.com/kyverno/kyverno (Go) Jul 22, 2025

Powermail extension for TYPO3 allows Insecure Direct Object Reference Moderate

CVE-2025-7899 was published for in2code/powermail (Composer) Jul 22, 2025

Femanager extension for TYPO3 allows Insecure Direct Object Reference Moderate

CVE-2025-7900 was published for in2code/femanager (Composer) Jul 22, 2025

`pyLoad` has Path Traversal Vulnerability in `json/upload` Endpoint that allows Arbitrary File Write High

CVE-2025-54140 was published for pyload-ng (pip) Jul 21, 2025

HAX CMS application pages vulnerable to clickjacking Moderate

CVE-2025-54139 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 21, 2025

LibreNMS has Authenticated Remote File Inclusion in ajax_form.php that Allows RCE High

CVE-2025-54138 was published for librenms/librenms (Composer) Jul 21, 2025

NodeJS version of the HAX CMS application is distributed with Default Secrets High

CVE-2025-54137 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025

HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service High

CVE-2025-54134 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025

NodeJS version of HAX CMS Has Disabled Content Security Policy That Enables Cross-Site Scripting High

CVE-2025-54128 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025

NodeJS version of HAX CMS Has Insecure Default Configuration That Leads to Unauthenticated Access Critical

CVE-2025-54127 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Footer

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.

HOME
ABOUT
AUCTIONS
SHIPPING
FEES
TOOLS
HOW
FAQ
CONTACT

Original Source | Taken Source