GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,904
Erlang: 38
GitHub Actions: 38
Go: 2,566
Maven: 5,000+
npm: 4,237
NuGet: 753
pip: 4,001
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,006 advisories
There is an information disclosure vulnerability in ZTE T5400. Due to improper configuration...
Low | Unreviewed | CVE-2025-26710 was published Sep 16, 2025

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for...
Low | Unreviewed | CVE-2025-59453 was published Sep 16, 2025

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value...
Low | Unreviewed | CVE-2025-59436 was published Sep 16, 2025

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value...
Low | Unreviewed | CVE-2025-59437 was published Sep 16, 2025

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in...
Low | Unreviewed | CVE-2025-43349 was published Sep 16, 2025

This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low | Unreviewed | CVE-2025-43357 was published Sep 16, 2025

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Low | Unreviewed | CVE-2025-43344 was published Sep 16, 2025

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS...
Low | Unreviewed | CVE-2025-43283 was published Sep 16, 2025

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2025-43301 was published Sep 16, 2025

libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is...
Low | Unreviewed | CVE-2025-59399 was published Sep 15, 2025

The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via...
Low | Unreviewed | CVE-2025-59398 was published Sep 15, 2025

IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged...
Low | Unreviewed | CVE-2025-0164 was published Sep 14, 2025

A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in...
Low | Unreviewed | CVE-2025-4234 was published Sep 12, 2025

A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some...
Low | Unreviewed | CVE-2025-10320 was published Sep 12, 2025

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that...
Low | Unreviewed | CVE-2025-27238 was published Sep 12, 2025

The jQuery Colorbox WordPress plugin through 4.6.3 uses the colorbox library, which does not...
Low | Unreviewed | CVE-2025-3650 was published Sep 12, 2025

A vulnerability has been found in roncoo roncoo-pay up to...
Low | Unreviewed | CVE-2025-10287 was published Sep 12, 2025

Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows...
Low | Unreviewed | CVE-2025-21026 was published Sep 11, 2025

Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows...
Low | Unreviewed | CVE-2025-21029 was published Sep 11, 2025

A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of...
Low | Unreviewed | CVE-2025-10252 was published Sep 11, 2025

A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected...
Low | Unreviewed | CVE-2025-10250 was published Sep 11, 2025

A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown...
Low | Unreviewed | CVE-2025-10216 was published Sep 10, 2025

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly...
Low | Unreviewed | CVE-2025-8277 was published Sep 9, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The...
Low | Unreviewed | CVE-2025-40802 was published Sep 9, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The...
Low | Unreviewed | CVE-2025-40803 was published Sep 9, 2025

ProTip! Advisories are also available from the GraphQL API.