GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
761 advisories
Authenticated Root Remote Code Execution via improper user input filtering in DB Electronica...
Critical | Unreviewed | CVE-2025-66259 was published Nov 26, 2025

The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code...
Critical | Unreviewed | CVE-2025-63213 was published Nov 19, 2025

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no...
Critical | Unreviewed | CVE-2025-10460 was published Nov 17, 2025

The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the...
Critical | Unreviewed | CVE-2025-64385 was published Oct 31, 2025

HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web...
Critical | Unreviewed | CVE-2024-30110 was published Oct 30, 2025

An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public...
Critical | Unreviewed | CVE-2025-61235 was published Oct 28, 2025

TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload...
Critical | Unreviewed | CVE-2025-27224 was published Oct 27, 2025

Mail Configuration File Manipulation + Command Execution. This issue affects BLU-IC2: through 1.19...
Critical | Unreviewed | CVE-2025-12275 was published Oct 26, 2025

Missing Initial Password Change. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12285 was published Oct 26, 2025

Lack of application manifest sanitation could lead to potential stored XSS. This issue affects BLU...
Critical | Unreviewed | CVE-2025-12001 was published Oct 21, 2025

Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP...
Critical | Unreviewed | CVE-2025-8414 was published Oct 17, 2025

Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script...
Critical | Unreviewed | CVE-2025-57644 was published Sep 22, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 26, watchOS...
Critical | Unreviewed | CVE-2025-43347 was published Sep 16, 2025

A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26...
Critical | Unreviewed | CVE-2025-43342 was published Sep 16, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS)...
Critical | Unreviewed | CVE-2025-34157 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution...
Critical | Unreviewed | CVE-2025-34161 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution...
Critical | Unreviewed | CVE-2025-34159 was published Aug 27, 2025

Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified...
Critical | Unreviewed | CVE-2025-34158 was published Aug 21, 2025

A security issue exists due to improper handling of malformed CIP Forward Close packets during...
Critical | Unreviewed | CVE-2025-7693 was published Aug 18, 2025

A vulnerability has been found in the MSoft MFlash application that allows execution of...
Critical | Unreviewed | CVE-2025-9060 was published Aug 15, 2025

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection. This...
Critical | Unreviewed | CVE-2025-8876 was published Aug 14, 2025

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet...
Critical | Unreviewed | CVE-2025-24325 was published Aug 12, 2025

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2)....
Critical | Unreviewed | CVE-2025-40746 was published Aug 12, 2025

The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an...
Critical | Unreviewed | CVE-2025-2611 was published Aug 5, 2025

An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a...
Critical | Unreviewed | CVE-2025-27212 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API.