Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,016
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,798 advisories

Loading
TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp... High Unreviewed
CVE-2025-27225 was published Oct 27, 2025
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which... High Unreviewed
CVE-2025-52268 was published Oct 27, 2025
An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-61481 was published Oct 27, 2025
Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on... High Unreviewed
CVE-2025-61482 was published Oct 27, 2025
Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed
CVE-2025-12363 was published Oct 27, 2025
A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-12297 was published Oct 27, 2025
A vulnerability was detected in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca.... Moderate Unreviewed
CVE-2025-12276 was published Oct 27, 2025
The eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams plugin for WordPress... Moderate Unreviewed
CVE-2025-11760 was published Oct 25, 2025
Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of... High Unreviewed
CVE-2025-11145 was published Oct 24, 2025
Captive Portal can expose sensitive information High Unreviewed
CVE-2025-6980 was published Oct 23, 2025
An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job... Moderate Unreviewed
CVE-2025-54966 was published Oct 23, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-61750 was published Oct 21, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2025-53066 was published Oct 21, 2025
Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item... High Unreviewed
CVE-2025-53043 was published Oct 21, 2025
Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported... Moderate Unreviewed
CVE-2025-53047 was published Oct 21, 2025
Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an... Moderate Unreviewed
CVE-2025-40662 was published Jun 10, 2025
Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications ... Moderate Unreviewed
CVE-2025-61885 was published Oct 21, 2025
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... High Unreviewed
CVE-2025-53036 was published Oct 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... Moderate Unreviewed
CVE-2025-61764 was published Oct 21, 2025
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle... Moderate Unreviewed
CVE-2025-50074 was published Oct 21, 2025
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via... Moderate Unreviewed
CVE-2013-0631 was published May 17, 2022
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X... High Unreviewed
CVE-2015-0310 was published May 17, 2022
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers... Moderate Unreviewed
CVE-2013-7331 was published May 14, 2022
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass... High Unreviewed
CVE-2013-0632 was published May 17, 2022
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact... High Unreviewed
CVE-2008-0655 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database