GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105,947 advisories
Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0...
Severity: High | Unreviewed | CVE-2025-56400 was published Nov 24, 2025
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR...
Severity: High | Unreviewed | CVE-2024-14007 was published Nov 24, 2025
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially...
Severity: High | Unreviewed | CVE-2025-48510 was published Nov 24, 2025
Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use...
Severity: High | Unreviewed | CVE-2025-0003 was published Nov 24, 2025
Improper input validation within the XOCL driver may allow a local attacker to generate an...
Severity: High | Unreviewed | CVE-2025-52538 was published Nov 24, 2025
A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt...
Severity: High | Unreviewed | CVE-2025-52539 was published Nov 24, 2025
Improper input validation within the XOCL driver may allow a local attacker to generate an...
Severity: High | Unreviewed | CVE-2025-0005 was published Nov 24, 2025
A vulnerability has been identified in keylime where an attacker can exploit this flaw by...
Severity: High | Unreviewed | CVE-2025-13609 was published Nov 24, 2025
The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure...
Severity: High | Unreviewed | CVE-2025-63434 was published Nov 24, 2025
An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute...
Severity: High | Unreviewed | CVE-2025-60915 was published Nov 24, 2025
A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4...
Severity: High | Unreviewed | CVE-2025-44018 was published Nov 24, 2025
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
Severity: High | Unreviewed | CVE-2025-56401 was published Nov 24, 2025
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of...
Severity: High | Unreviewed | CVE-2025-60638 was published Nov 24, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA...
Severity: High | Unreviewed | CVE-2025-10555 was published Nov 24, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product...
Severity: High | Unreviewed | CVE-2025-10554 was published Nov 24, 2025
Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5...
Severity: High | Unreviewed | CVE-2025-65495 was published Nov 24, 2025
Apache Syncope can be configured to store the user password values in the internal database with...
Severity: High | Unreviewed | CVE-2025-65998 was published Nov 24, 2025
The extract_name function in Fluent Bit in_docker input plugin copies container names into a...
Severity: High | Unreviewed | CVE-2025-12970 was published Nov 24, 2025
Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause...
Severity: High | Unreviewed | CVE-2025-65503 was published Nov 24, 2025
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to...
Severity: High | Unreviewed | CVE-2025-65493 was published Nov 24, 2025
NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap 4.3.5...
Severity: High | Unreviewed | CVE-2025-65494 was published Nov 24, 2025
Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised...
Severity: High | Unreviewed | CVE-2025-41016 was published Nov 24, 2025
An unauthenticated remote attacker can send a specially crafted Modbus read command to the device...
Severity: High | Unreviewed | CVE-2025-41729 was published Nov 24, 2025
An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a...
Severity: High | Unreviewed | CVE-2025-12739 was published Nov 24, 2025
A Looker user with Developer role could create a database connection using Denodo driver and, by...
Severity: High | Unreviewed | CVE-2025-12741 was published Nov 24, 2025
ProTip! Advisories are also available from the GraphQL API.