GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,604 advisories
A flaw was found in Undertow that can cause remote denial of service attacks. When the server...
High
Unreviewed
CVE-2024-3884
was published
Dec 3, 2025
A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware...
High
Unreviewed
CVE-2025-26858
was published
Dec 1, 2025
A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the...
High
Unreviewed
CVE-2025-0658
was published
Nov 27, 2025
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by...
High
Unreviewed
CVE-2025-0248
was published
Nov 25, 2025
A Looker user with a Developer role could create a database connection using IBM DB2 driver and,...
High
Unreviewed
CVE-2025-12740
was published
Nov 24, 2025
A Looker user with Developer role could create a database connection using Denodo driver and, by...
High
Unreviewed
CVE-2025-12741
was published
Nov 24, 2025
Improper input validation vulnerability in TP-Link System Inc. TL-WR940N V6 (UPnP modules), which...
High
Unreviewed
CVE-2025-11676
was published
Nov 20, 2025
An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager,...
High
Unreviewed
CVE-2025-13319
was published
Nov 17, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual...
High
Unreviewed
CVE-2025-62222
was published
Nov 11, 2025
Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring...
High
Unreviewed
CVE-2025-33000
was published
Nov 11, 2025
Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001...
High
Unreviewed
CVE-2025-24299
was published
Nov 11, 2025
Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80...
High
Unreviewed
CVE-2025-12907
was published
Nov 8, 2025
A Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project...
High
Unreviewed
CVE-2025-63783
was published
Nov 7, 2025
MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle...
High
Unreviewed
CVE-2025-61084
was published
Nov 5, 2025
CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure...
High
Unreviewed
CVE-2025-59595
was published
Nov 5, 2025
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-43472
was published
Nov 4, 2025
A denial-of-service issue was addressed with improved validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-43401
was published
Nov 4, 2025
Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that...
High
Unreviewed
CVE-2025-60938
was published
Oct 24, 2025
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos...
High
Unreviewed
CVE-2025-26781
was published
Oct 20, 2025
Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform...
High
Unreviewed
CVE-2025-59248
was published
Oct 14, 2025
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute...
High
Unreviewed
CVE-2025-59228
was published
Oct 14, 2025
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate...
High
Unreviewed
CVE-2025-59207
was published
Oct 14, 2025
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges...
High
Unreviewed
CVE-2025-59187
was published
Oct 14, 2025
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate...
High
Unreviewed
CVE-2025-58716
was published
Oct 14, 2025
Improper input validation in Windows Error Reporting allows an authorized attacker to elevate...
High
Unreviewed
CVE-2025-55692
was published
Oct 14, 2025
ProTip! Advisories are also available from the GraphQL API.