Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,709
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106,288 advisories

Loading
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data... High Unreviewed
CVE-2025-61940 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user... High Unreviewed
CVE-2025-62575 was published Dec 2, 2025
Within HostnameError.Error(), when constructing an error string, there is no limit to the number... High Unreviewed
CVE-2025-61729 was published Dec 2, 2025
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41... High Unreviewed
CVE-2025-13631 was published Dec 2, 2025
Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker... High Unreviewed
CVE-2025-13638 was published Dec 2, 2025
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to... High Unreviewed
CVE-2025-13630 was published Dec 2, 2025
Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote... High Unreviewed
CVE-2025-13633 was published Dec 2, 2025
Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had... High Unreviewed
CVE-2025-13720 was published Dec 2, 2025
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially... High Unreviewed
CVE-2025-13721 was published Dec 2, 2025
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is... High Unreviewed
CVE-2025-34352 was published Dec 2, 2025
Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote... High Unreviewed
CVE-2025-13639 was published Dec 2, 2025
EverShop 2.0.1 allows an unauthenticated user to upload files and create directories within the ... High Unreviewed
CVE-2025-65844 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... High Unreviewed
CVE-2025-59697 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... High Unreviewed
CVE-2025-59702 was published Dec 2, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER... High Unreviewed
CVE-2025-13295 was published Dec 2, 2025
A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of... High Unreviewed
CVE-2025-12465 was published Dec 2, 2025
SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an... High Unreviewed
CVE-2025-41013 was published Dec 2, 2025
Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an... High Unreviewed
CVE-2025-41012 was published Dec 2, 2025
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile'... High Unreviewed
CVE-2025-11789 was published Dec 2, 2025
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11788 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11785 was published Dec 2, 2025
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2... High Unreviewed
CVE-2025-11787 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11786 was published Dec 2, 2025
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected... High Unreviewed
CVE-2025-11781 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11780 was published Dec 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database