GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,966
Composer 5,074
Erlang 39
GitHub Actions 38
Go 2,737
Maven 6,146
npm 4,337
NuGet 764
pip 4,112
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,859

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,152 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input... Critical Unreviewed

CVE-2025-61809 was published Dec 10, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload... Critical Unreviewed

CVE-2025-61808 was published Dec 10, 2025

COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote... Critical Unreviewed

CVE-2021-47707 was published Dec 9, 2025

COMMAX Smart Home System CDP-1020n contains an SQL injection vulnerability that allows attackers... Critical Unreviewed

CVE-2021-47708 was published Dec 9, 2025

Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in... Critical Unreviewed

CVE-2021-47728 was published Dec 9, 2025

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to... Critical Unreviewed

CVE-2023-53771 was published Dec 9, 2025

Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that... Critical Unreviewed

CVE-2023-53739 was published Dec 9, 2025

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows... Critical Unreviewed

CVE-2021-47731 was published Dec 9, 2025

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0,... Critical Unreviewed

CVE-2025-59719 was published Dec 9, 2025

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0... Critical Unreviewed

CVE-2025-59718 was published Dec 9, 2025

Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard)... Critical Unreviewed

CVE-2025-34414 was published Dec 9, 2025

Under certain conditions, a high privileged user could exploit a deserialization vulnerability in... Critical Unreviewed

CVE-2025-42928 was published Dec 9, 2025

A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), JT... Critical Unreviewed

CVE-2025-40801 was published Dec 9, 2025

A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX... Critical Unreviewed

CVE-2025-40800 was published Dec 9, 2025

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... Critical Unreviewed

CVE-2025-40938 was published Dec 9, 2025

An integer overflow vulnerability exists in the write method of the Buffer class in Robocode... Critical Unreviewed

CVE-2025-14308 was published Dec 9, 2025

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb... Critical Unreviewed

CVE-2025-14310 was published Dec 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-12504 was published Dec 9, 2025

Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote... Critical Unreviewed

CVE-2025-10573 was published Dec 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site... Critical Unreviewed

CVE-2025-11022 was published Dec 9, 2025

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert... Critical Unreviewed

CVE-2025-42880 was published Dec 9, 2025

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... Critical Unreviewed

CVE-2022-29873 was published May 21, 2022

SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting... Critical Unreviewed

CVE-2025-64081 was published Dec 8, 2025

In multiple locations, there is a possible way to launch an application from the background due... Critical Unreviewed

CVE-2025-48626 was published Dec 8, 2025

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer... Critical Unreviewed

CVE-2022-37055 was published Aug 29, 2022

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,152 advisories