GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,687
Composer 5,022
Erlang 39
GitHub Actions 38
Go 2,656
Maven 6,114
npm 4,284
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,563

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

114,342 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in the web-based management interface of affected products could allow an... High Unreviewed

CVE-2025-37161 was published Nov 18, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of... High Unreviewed

CVE-2025-63955 was published Nov 18, 2025

A command injection vulnerability has been identified in the command line interface of the HPE... High Unreviewed

CVE-2025-37163 was published Nov 18, 2025

A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed

CVE-2025-37155 was published Nov 18, 2025

Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string(... High Unreviewed

CVE-2025-64076 was published Nov 18, 2025

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage. High Unreviewed

CVE-2025-56527 was published Nov 18, 2025

An improper neutralization of special elements used in an SQL Command ("SQL Injection")... High Unreviewed

CVE-2025-58692 was published Nov 18, 2025

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4... High Unreviewed

CVE-2025-58413 was published Nov 18, 2025

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2025-58034 was published Nov 18, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an... High Unreviewed

CVE-2025-33183 was published Nov 18, 2025

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing... High Unreviewed

CVE-2025-34324 was published Nov 18, 2025

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] in Fortinet... High Unreviewed

CVE-2025-47761 was published Nov 18, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an... High Unreviewed

CVE-2025-33184 was published Nov 18, 2025

A Heap-based Buffer Overflow vulnerability [CWE-122] in Fortinet FortiClientWindows 7.4.0 through... High Unreviewed

CVE-2025-46373 was published Nov 18, 2025

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4... High Unreviewed

CVE-2025-53843 was published Nov 18, 2025

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write... High Unreviewed

CVE-2025-63602 was published Nov 18, 2025

The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account... High Unreviewed

CVE-2025-63800 was published Nov 18, 2025

Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del... High Unreviewed

CVE-2025-41347 was published Nov 18, 2025

A low privileged remote attacker can upload a new or overwrite an existing python script by using... High Unreviewed

CVE-2025-41736 was published Nov 18, 2025

The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing... High Unreviewed

CVE-2025-12955 was published Nov 18, 2025

Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed

CVE-2025-41737 was published Nov 18, 2025

The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload... High Unreviewed

CVE-2025-13069 was published Nov 18, 2025

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use... High Unreviewed

CVE-2025-6670 was published Nov 18, 2025

SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability... High Unreviewed

CVE-2025-41348 was published Nov 18, 2025

The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-4212 was published Nov 18, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

114,342 advisories