Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,810 advisories

Loading
Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1... Critical Unreviewed
CVE-2025-29270 was published Oct 31, 2025
The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12521 was published Oct 31, 2025
In Nagios Log Server versions prior to 2024R2.0.3, when a user's configured default dashboard is... Moderate Unreviewed
CVE-2025-34272 was published Oct 31, 2025
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile... High Unreviewed
CVE-2024-30135 was published Oct 30, 2025
The following HP Card Readers B Models (X3D03B & Y7C05B) are potentially vulnerable to... Moderate Unreviewed
CVE-2025-11998 was published Oct 30, 2025
On affected platforms, restricted users could view sensitive portions of the config database via... Moderate Unreviewed
CVE-2025-54548 was published Oct 30, 2025
LiteLLM Information health API_KEY Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2025-11203 was published Oct 29, 2025
In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly... Moderate Unreviewed
CVE-2025-12147 was published Oct 29, 2025
In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on... Moderate Unreviewed
CVE-2025-12148 was published Oct 29, 2025
An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized... High Unreviewed
CVE-2025-60805 was published Oct 28, 2025
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Moderate Unreviewed
CVE-2025-11639 was published Oct 12, 2025
Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext... High Unreviewed
CVE-2025-60858 was published Oct 28, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This... Low Unreviewed
CVE-2025-8515 was published Aug 4, 2025
The WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in versions... Moderate Unreviewed
CVE-2023-7320 was published Oct 29, 2025
TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp... High Unreviewed
CVE-2025-27225 was published Oct 27, 2025
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which... High Unreviewed
CVE-2025-52268 was published Oct 27, 2025
Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on... High Unreviewed
CVE-2025-61482 was published Oct 27, 2025
An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-61481 was published Oct 27, 2025
Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed
CVE-2025-12363 was published Oct 27, 2025
A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-12297 was published Oct 27, 2025
A vulnerability was detected in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca.... Moderate Unreviewed
CVE-2025-12276 was published Oct 27, 2025
The eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams plugin for WordPress... Moderate Unreviewed
CVE-2025-11760 was published Oct 25, 2025
Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of... High Unreviewed
CVE-2025-11145 was published Oct 24, 2025
Captive Portal can expose sensitive information High Unreviewed
CVE-2025-6980 was published Oct 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database