GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,720
Composer 5,027
Erlang 39
GitHub Actions 38
Go 2,667
Maven 6,116
npm 4,295
NuGet 760
pip 4,073
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,755

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,018 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Microsoft SharePoint Online Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2025-59245 was published Nov 21, 2025

Azure Bastion Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2025-49752 was published Nov 21, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability... Critical Unreviewed

CVE-2025-10571 was published Nov 20, 2025

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly... Critical Unreviewed

CVE-2025-34320 was published Nov 20, 2025

An attacker could take over a Looker account in a Looker instance configured with OIDC... Critical Unreviewed

CVE-2025-12414 was published Nov 20, 2025

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An... Critical Unreviewed

CVE-2025-13315 was published Nov 19, 2025

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is... Critical Unreviewed

CVE-2025-63210 was published Nov 19, 2025

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface,... Critical Unreviewed

CVE-2025-63206 was published Nov 19, 2025

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to... Critical Unreviewed

CVE-2025-63207 was published Nov 19, 2025

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed

CVE-2025-34328 was published Nov 19, 2025

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed

CVE-2025-34329 was published Nov 19, 2025

The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed

CVE-2025-63223 was published Nov 19, 2025

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed

CVE-2025-63224 was published Nov 19, 2025

Legacy Vivotek Device firmware uses default credetials for the root and user login accounts. Critical Unreviewed

CVE-2025-12592 was published Nov 19, 2025

The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed

CVE-2025-63218 was published Nov 19, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-10437 was published Nov 19, 2025

When the service of ABP and AES is installed in a directory writable by non-administrative users,... Critical Unreviewed

CVE-2025-13051 was published Nov 19, 2025

The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as... Critical Unreviewed

CVE-2025-12057 was published Nov 19, 2025

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to... Critical Unreviewed

CVE-2025-63216 was published Nov 19, 2025

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed

CVE-2025-63217 was published Nov 19, 2025

The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed

CVE-2025-63225 was published Nov 18, 2025

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an... Critical Unreviewed

CVE-2025-63228 was published Nov 18, 2025

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password... Critical Unreviewed

CVE-2025-54321 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php... Critical Unreviewed

CVE-2025-63695 was published Nov 18, 2025

Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user... Critical Unreviewed

CVE-2025-56643 was published Nov 18, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,018 advisories