GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,614
Maven: 5,000+
npm: 4,254
NuGet: 760
pip: 4,031
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
            Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
      275,609 advisories
                    
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain...
High | Unreviewed | CVE-2025-33003 was published Oct 31, 2025
                    
An XSS issue was discovered in Afterlogic Aurora webmail version 9.8.3 and below. An attacker can...
Moderate | Unreviewed | CVE-2025-12460 was published Oct 31, 2025
                    
The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate | Unreviewed | CVE-2025-12521 was published Oct 31, 2025
                    
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by...
Unknown | Unreviewed | CVE-2025-60749 was published Oct 31, 2025
                    
Tampering of the registry entries might have led to preventing the ESET security products from...
Moderate | Unreviewed | CVE-2025-4952 was published Oct 31, 2025
                    
IBM Jazz for Service Management 1.1.3.0 through 1.1.3.25 does not set the secure attribute on...
Low | Unreviewed | CVE-2025-36249 was published Oct 31, 2025
                    
Nagios XI versions prior to 2024R1.1 are vulnerable to cross-site scripting (XSS) when a user...
Moderate | Unreviewed | CVE-2024-13992 was published Oct 31, 2025
                    
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability...
Unknown | Unreviewed | CVE-2025-57107 was published Oct 31, 2025
                    
Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in...
Unknown | Unreviewed | CVE-2025-57106 was published Oct 31, 2025
                    
A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0...
Unknown | Unreviewed | CVE-2025-61427 was published Oct 31, 2025
                    
Integer overflow in GameMaker IDE below 2024.14.0 version can lead to application...
High | Unreviewed | CVE-2025-12501 was published Oct 31, 2025
                    
The equipment grants a JWT token for each connection in the timeline, but during an active valid...
High | Unreviewed | CVE-2025-64386 was published Oct 31, 2025
                    
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in...
Unknown | Unreviewed | CVE-2025-57108 was published Oct 31, 2025
                    
Denial of service of the web server through specific requests to this protocol
Critical | Unreviewed | CVE-2025-64388 was published Oct 31, 2025
                    
The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the...
Critical | Unreviewed | CVE-2025-64385 was published Oct 31, 2025
                    
The web server of the device performs exchanges of sensitive information in clear text through an...
High | Unreviewed | CVE-2025-64389 was published Oct 31, 2025
                    
The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack,...
Moderate | Unreviewed | CVE-2025-64387 was published Oct 31, 2025
                    
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Unknown | Unreviewed | CVE-2025-64363 was published Oct 31, 2025
                    
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-64362 was published Oct 31, 2025
                    
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-64366 was published Oct 31, 2025
                    
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-64365 was published Oct 31, 2025
                    
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Unknown | Unreviewed | CVE-2025-64364 was published Oct 31, 2025
                    
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site...
Unknown | Unreviewed | CVE-2025-64368 was published Oct 31, 2025
                    
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-64367 was published Oct 31, 2025
                    
Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner advanced...
Unknown | Unreviewed | CVE-2025-64357 was published Oct 31, 2025
        
ProTip! Advisories are also available from the GraphQL API