Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

500 advisories

Loading
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Critical Unreviewed
CVE-2025-53037 was published Oct 21, 2025
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8... Critical Unreviewed
CVE-2025-9574 was published Oct 20, 2025
An improper privilege management vulnerability exists in WSO2 API Manager due to missing... Critical Unreviewed
CVE-2025-9152 was published Oct 16, 2025
Multiple Broken Authentication security issues exist in the affected product. The security issues... Critical Unreviewed
CVE-2025-7328 was published Oct 14, 2025
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <... Critical Unreviewed
CVE-2025-40771 was published Oct 14, 2025
A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 <... Critical Unreviewed
CVE-2025-40765 was published Oct 14, 2025
Azure Entra ID Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-59246 was published Oct 9, 2025
Newforma Info Exchange (NIX) accepts serialized .NET data via the '/remoteweb/remote.rem'... Critical Unreviewed
CVE-2025-35050 was published Oct 9, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34223 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34224 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and... Critical Unreviewed
CVE-2025-34215 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34222 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and... Critical Unreviewed
CVE-2025-34221 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed
CVE-2025-34218 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and... Critical Unreviewed
CVE-2025-34216 was published Sep 29, 2025
A missing authentication for critical function vulnerability in SUNNET Corporate Training... Critical Unreviewed
CVE-2025-54942 was published Sep 25, 2025
The database for the web application is exposed without authentication, allowing an... Critical Unreviewed
CVE-2025-41715 was published Sep 24, 2025
Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts... Critical Unreviewed
CVE-2025-57432 was published Sep 22, 2025
General Bytes Crypto Application Server (CAS) beginning with version 20201208 prior to 20220531... Critical Unreviewed
CVE-2022-4980 was published Sep 19, 2025
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing... Critical Unreviewed
CVE-2025-9971 was published Sep 17, 2025
Statistical Database System developed by Gotac has a Missing Authentication vulnerability,... Critical Unreviewed
CVE-2025-10452 was published Sep 15, 2025
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover Critical
CVE-2025-58434 was published for flowise (npm) Sep 12, 2025
zaddy6 arthurgervais
Credited to zaddy6 and arthurgervais
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-8861 was published Aug 29, 2025
Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows... Critical Unreviewed
CVE-2025-30039 was published Aug 27, 2025
The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat... Critical Unreviewed
CVE-2025-30041 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database