GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,200 advisories
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents...
High | Unreviewed | CVE-2016-9905 was published May 14, 2022
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier...
High | Unreviewed | CVE-2025-4433 was published May 30, 2025
Improper access control in secure message component in Devolutions Server allows an authenticated...
High | Unreviewed | CVE-2025-6741 was published Jul 22, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert...
High | Unreviewed | CVE-2025-54563 was published Nov 25, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert...
High | Unreviewed | CVE-2025-54338 was published Nov 25, 2025
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a logged in...
High | Unreviewed | CVE-2025-48986 was published Nov 20, 2025
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized...
High | Unreviewed | CVE-2025-59512 was published Nov 11, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session...
High | Unreviewed | CVE-2025-63219 was published Nov 19, 2025
A vulnerability in the SSH restricted shell interface of the network management services allows...
High | Unreviewed | CVE-2025-37155 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source...
High | Unreviewed | CVE-2025-41737 was published Nov 18, 2025
The issue was addressed by refusing external connections by default. This issue is fixed in...
High | Unreviewed | CVE-2025-43515 was published Nov 13, 2025
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote...
High | Unreviewed | CVE-2025-20341 was published Nov 13, 2025
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10...
High | Unreviewed | CVE-2025-63667 was published Nov 12, 2025
An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my...
High | Unreviewed | CVE-2025-27919 was published Nov 6, 2025
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized...
High | Unreviewed | CVE-2025-60705 was published Nov 11, 2025
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges...
High | Unreviewed | CVE-2025-58726 was published Oct 14, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and...
High | Unreviewed | CVE-2025-43454 was published Nov 4, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1...
High | Unreviewed | CVE-2025-43450 was published Nov 4, 2025
An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6...
High | Unreviewed | CVE-2025-57130 was published Nov 5, 2025
When passing through PCI devices, the detach logic in libxl won't remove access permissions to...
High | Unreviewed | CVE-2025-58149 was published Oct 31, 2025
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and...
High | Unreviewed | CVE-2024-28960 was published Mar 29, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2025-43476 was published Nov 4, 2025
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
High | Unreviewed | CVE-2024-25736 was published Mar 27, 2024
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate...
High | Unreviewed | CVE-2023-43318 was published Mar 6, 2024
Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and...
High | Unreviewed | CVE-2023-38945 was published Mar 6, 2024
ProTip! Advisories are also available from the GraphQL API.