GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,874
Composer 5,065
Erlang 39
GitHub Actions 38
Go 2,698
Maven 6,138
npm 4,324
NuGet 761
pip 4,099
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,625

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

495 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Step CA Has Authorization Bypass in ACME and SCEP Provisioners Critical

CVE-2025-44005 was published for github.com/smallstep/certificates (Go) Dec 3, 2025

The Iskra iHUB and iHUB Lite smart metering gateway exposes its web management interface without... Critical Unreviewed

CVE-2025-13510 was published Dec 2, 2025

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface,... Critical Unreviewed

CVE-2025-63206 was published Nov 19, 2025

A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation... Critical Unreviewed

CVE-2025-9312 was published Nov 18, 2025

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded... Critical Unreviewed

CVE-2025-58083 was published Nov 15, 2025

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could... Critical Unreviewed

CVE-2025-20358 was published Nov 5, 2025

The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read... Critical Unreviewed

CVE-2025-55108 was published Nov 5, 2025

The Survision LPR Camera system does not enforce password protection by default. This allows... Critical Unreviewed

CVE-2025-12108 was published Nov 4, 2025

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions,... Critical Unreviewed

CVE-2025-61956 was published Nov 4, 2025

Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the... Critical Unreviewed

CVE-2025-61945 was published Nov 4, 2025

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a... Critical Unreviewed

CVE-2025-11007 was published Nov 4, 2025

A malicious actor with access to the management network could exploit a misconfiguration in UniFi... Critical Unreviewed

CVE-2025-52665 was published Oct 31, 2025

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a... Critical Unreviewed

CVE-2023-7325 was published Oct 31, 2025

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode... Critical Unreviewed

CVE-2021-4461 was published Oct 31, 2025

Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12476 was published Oct 29, 2025

Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12477 was published Oct 29, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing... Critical Unreviewed

CVE-2025-62481 was published Oct 21, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing... Critical Unreviewed

CVE-2025-53072 was published Oct 21, 2025

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST... Critical Unreviewed

CVE-2025-61757 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Critical Unreviewed

CVE-2025-53037 was published Oct 21, 2025

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8... Critical Unreviewed

CVE-2025-9574 was published Oct 20, 2025

An improper privilege management vulnerability exists in WSO2 API Manager due to missing... Critical Unreviewed

CVE-2025-9152 was published Oct 16, 2025

Multiple Broken Authentication security issues exist in the affected product. The security issues... Critical Unreviewed

CVE-2025-7328 was published Oct 14, 2025

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <... Critical Unreviewed

CVE-2025-40771 was published Oct 14, 2025

A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 <... Critical Unreviewed

CVE-2025-40765 was published Oct 14, 2025

Previous1…20 Next

Previous 1 2 3 4 5 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

495 advisories