Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,722
Maven
5,000+
npm
4,330
NuGet
762
pip
4,107
Pub
12
RubyGems
959
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,883 advisories

Loading
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands High
CVE-2025-66623 was published for io.strimzi:strimzi (Maven) Dec 5, 2025
scholzj ppatierno
im-konge
Credited to scholzj, ppatierno, and im-konge
The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be... High Unreviewed
CVE-2025-10285 was published Dec 5, 2025
libcrux incorrectly calculates on aarch64 High
GHSA-2cgv-28vr-rv6j was published for libcrux-intrinsics (Rust) Dec 4, 2025
An issue was discovered in file users.json in GroceryMart commit 21934e6 (2020-10-23) allowing... High Unreviewed
CVE-2025-65278 was published Nov 26, 2025
The OneClick Chat to Order plugin for WordPress is vulnerable to Insecure Direct Object Reference... High Unreviewed
CVE-2025-13526 was published Nov 22, 2025
The ELCA Star Transmitter Remote Control firmware 1.25 for STAR150, BP1000, STAR300, STAR2000,... High Unreviewed
CVE-2025-63209 was published Nov 19, 2025
An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe,... High Unreviewed
CVE-2025-63205 was published Nov 19, 2025
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store... High Unreviewed
CVE-2025-63891 was published Nov 14, 2025
An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1... High Unreviewed
CVE-2025-54345 was published Nov 14, 2025
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the... High Unreviewed
CVE-2025-11697 was published Nov 11, 2025
KubeVirt Vulnerable to Arbitrary Host File Read and Write High
CVE-2025-64324 was published for kubevirt.io/kubevirt (Go) Nov 7, 2025
mihailkirov Faeris95
jean-edouard
Credited to mihailkirov, Faeris95, and jean-edouard
The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is... High Unreviewed
CVE-2025-12139 was published Nov 5, 2025
An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080,... High Unreviewed
CVE-2025-54323 was published Nov 4, 2025
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... High Unreviewed
CVE-2025-43468 was published Nov 4, 2025
The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43449 was published Nov 4, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 26,... High Unreviewed
CVE-2025-43323 was published Nov 4, 2025
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile... High Unreviewed
CVE-2024-30135 was published Oct 30, 2025
An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized... High Unreviewed
CVE-2025-60805 was published Oct 28, 2025
Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext... High Unreviewed
CVE-2025-60858 was published Oct 28, 2025
TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp... High Unreviewed
CVE-2025-27225 was published Oct 27, 2025
Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on... High Unreviewed
CVE-2025-61482 was published Oct 27, 2025
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which... High Unreviewed
CVE-2025-52268 was published Oct 27, 2025
Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of... High Unreviewed
CVE-2025-11145 was published Oct 24, 2025
Captive Portal can expose sensitive information High Unreviewed
CVE-2025-6980 was published Oct 23, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2025-53066 was published Oct 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database