Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

303,033 advisories

Loading
ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed
CVE-2020-36871 was published Nov 27, 2025
BACnet Test Server versions up to and including 1.01 contains a remote denial of service... High Unreviewed
CVE-2020-36872 was published Nov 27, 2025
Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed
CVE-2019-25227 was published Nov 27, 2025
Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration... High Unreviewed
CVE-2019-25226 was published Nov 27, 2025
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client High
CVE-2025-66035 was published for @angular/common (npm) Nov 26, 2025
alan-agius4 AndrewKushnir
irsl hybrist AKiileX
Credited to alan-agius4, AndrewKushnir, irsl, hybrist, and AKiileX
Better Auth's multi-session sign-out hook allows forged cookies to revoke arbitrary sessions Low
GHSA-wmjr-v86c-m9jj was published for better-auth (npm) Nov 26, 2025
mufeedvh
Credited to mufeedvh
willitmerge has a Command Injection vulnerability Moderate
GHSA-j9wj-m24m-7jj6 was published for willitmerge (npm) Nov 26, 2025
lirantal
Credited to lirantal
node-forge has ASN.1 Unbounded Recursion High
CVE-2025-66031 was published for node-forge (npm) Nov 26, 2025
wodzen
Credited to wodzen
node-forge is vulnerable to ASN.1 OID Integer Truncation Moderate
CVE-2025-66030 was published for node-forge (npm) Nov 26, 2025
wodzen
Credited to wodzen
node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization High
CVE-2025-12816 was published for node-forge (npm) Nov 26, 2025
wodzen sei-vsarvepalli
Credited to wodzen and sei-vsarvepalli
Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows unauthorized share and... Unknown Unreviewed
CVE-2025-65672 was published Nov 26, 2025
Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated... Unknown Unreviewed
CVE-2025-65675 was published Nov 26, 2025
Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated... Unknown Unreviewed
CVE-2025-65676 was published Nov 26, 2025
NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted... Unknown Unreviewed
CVE-2025-26155 was published Nov 26, 2025
An unauthenticated administrative access vulnerability exists in the open-source HashTech project... Unknown Unreviewed
CVE-2025-65276 was published Nov 26, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18... Moderate Unreviewed
CVE-2025-12653 was published Nov 26, 2025
An issue was discovered in file users.json in GroceryMart commit 21934e6 (2020-10-23) allowing... Unknown Unreviewed
CVE-2025-65278 was published Nov 26, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18... Low Unreviewed
CVE-2025-13611 was published Nov 26, 2025
An issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from... Unknown Unreviewed
CVE-2025-65669 was published Nov 26, 2025
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local... Unknown Unreviewed
CVE-2025-65681 was published Nov 26, 2025
An Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows students to access... Unknown Unreviewed
CVE-2025-65670 was published Nov 26, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5... Moderate Unreviewed
CVE-2025-6195 was published Nov 26, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.4.5, 18... Moderate Unreviewed
CVE-2025-7449 was published Nov 26, 2025
TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the... Unknown Unreviewed
CVE-2025-65202 was published Nov 26, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5,... High Unreviewed
CVE-2025-12571 was published Nov 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database