GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

143 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative... Critical Unreviewed

CVE-2025-59396 was published Nov 6, 2025

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker... Moderate Unreviewed

CVE-2025-35021 was published Nov 4, 2025

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix... Moderate Unreviewed

CVE-2022-49099 was published Oct 14, 2025

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with... Moderate Unreviewed

CVE-2025-41245 was published Sep 29, 2025

During a short time frame while the device is booting an unauthenticated remote attacker can send... Moderate Unreviewed

CVE-2025-41713 was published Sep 15, 2025

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for... High Unreviewed

CVE-2025-36222 was published Sep 11, 2025

In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept... Moderate Unreviewed

CVE-2025-32330 was published Sep 4, 2025

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbd_response... Moderate Unreviewed

CVE-2025-38523 was published Aug 16, 2025

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation... Critical Unreviewed

CVE-2025-7353 was published Aug 14, 2025

In TRENDnet TEW-WLC100P 2.03b03, the i_dont_care_about_security_and_use_aggressive_mode_psk... High Unreviewed

CVE-2025-44647 was published Jul 21, 2025

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure... High Unreviewed

CVE-2025-25271 was published Jul 8, 2025

A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain... Critical Unreviewed

CVE-2025-41672 was published Jul 7, 2025

The Versa Director software exposes a number of services by default and allow attackers an easy... Critical Unreviewed

CVE-2025-24288 was published Jun 19, 2025

The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even... Critical Unreviewed

CVE-2025-41438 was published May 30, 2025

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap... Moderate Unreviewed

CVE-2025-48927 was published May 28, 2025

A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All... High Unreviewed

CVE-2025-31930 was published May 13, 2025

Insecure default settings have been found in recorder products provided by Yokogawa Electric... Critical Unreviewed

CVE-2025-1863 was published Apr 18, 2025

In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces High Unreviewed

CVE-2025-43015 was published Apr 17, 2025

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed

CVE-2025-2442 was published Apr 9, 2025

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed

CVE-2025-2441 was published Apr 9, 2025

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an... Low Unreviewed

CVE-2025-27443 was published Apr 8, 2025

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource... Moderate Unreviewed

CVE-2025-29985 was published Apr 8, 2025

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have... Moderate Unreviewed

CVE-2025-27809 was published Mar 25, 2025

An unauthenticated remote attacker can gain limited information of the PLC network but the user... Moderate Unreviewed

CVE-2024-41975 was published Mar 18, 2025

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Critical Unreviewed

CVE-2025-1960 was published Mar 12, 2025

Previous1…6 Next

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

143 advisories