GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,739
Composer 5,031
Erlang 39
GitHub Actions 38
Go 2,675
Maven 6,116
npm 4,297
NuGet 760
pip 4,077
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 278,086

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,034 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow... Critical Unreviewed

CVE-2025-62691 was published Nov 25, 2025

Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow... Critical Unreviewed

CVE-2025-64693 was published Nov 25, 2025

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by... Critical Unreviewed

CVE-2025-59366 was published Nov 25, 2025

The EduKart Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,... Critical Unreviewed

CVE-2025-13559 was published Nov 25, 2025

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions... Critical Unreviewed

CVE-2025-6389 was published Nov 25, 2025

lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper... Critical Unreviewed

CVE-2025-9803 was published Nov 25, 2025

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54347 was published Nov 25, 2025

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi... Critical Unreviewed

CVE-2023-7330 was published Nov 24, 2025

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR... Critical Unreviewed

CVE-2018-25126 was published Nov 24, 2025

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (... Critical Unreviewed

CVE-2025-63958 was published Nov 24, 2025

iStats contains an insecure XPC service that allows local, unprivileged users to escalate their... Critical Unreviewed

CVE-2025-11921 was published Nov 24, 2025

Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs... Critical Unreviewed

CVE-2025-12977 was published Nov 24, 2025

The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9... Critical Unreviewed

CVE-2025-11127 was published Nov 21, 2025

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-11456 was published Nov 21, 2025

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict... Critical Unreviewed

CVE-2025-64310 was published Nov 21, 2025

Azure Bastion Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2025-49752 was published Nov 21, 2025

Microsoft SharePoint Online Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2025-59245 was published Nov 21, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability... Critical Unreviewed

CVE-2025-10571 was published Nov 20, 2025

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly... Critical Unreviewed

CVE-2025-34320 was published Nov 20, 2025

An attacker could take over a Looker account in a Looker instance configured with OIDC... Critical Unreviewed

CVE-2025-12414 was published Nov 20, 2025

The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code... Critical Unreviewed

CVE-2025-63213 was published Nov 19, 2025

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface,... Critical Unreviewed

CVE-2025-63206 was published Nov 19, 2025

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to... Critical Unreviewed

CVE-2025-63207 was published Nov 19, 2025

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is... Critical Unreviewed

CVE-2025-63210 was published Nov 19, 2025

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An... Critical Unreviewed

CVE-2025-13315 was published Nov 19, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,034 advisories