Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,695
Maven
5,000+
npm
4,324
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,405 advisories

Loading
Step CA Has Authorization Bypass in ACME and SCEP Provisioners Critical
CVE-2025-44005 was published for github.com/smallstep/certificates (Go) Dec 3, 2025
Mattermost fails to validate user permissions in Boards Low
CVE-2025-13870 was published for github.com/mattermost/mattermost (Go) Dec 2, 2025
The Iskra iHUB and iHUB Lite smart metering gateway exposes its web management interface without... Critical Unreviewed
CVE-2025-13510 was published Dec 2, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality... High Unreviewed
CVE-2025-54850 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality... High Unreviewed
CVE-2025-54851 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS... High Unreviewed
CVE-2024-49572 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec... High Unreviewed
CVE-2025-23417 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality... High Unreviewed
CVE-2025-54849 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality... High Unreviewed
CVE-2025-54848 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function... High Unreviewed
CVE-2025-55222 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function... High Unreviewed
CVE-2025-55221 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec... High Unreviewed
CVE-2025-20085 was published Dec 1, 2025
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS... High Unreviewed
CVE-2024-48882 was published Dec 1, 2025
Fluent Bit in_forward input plugin does not properly enforce the security.users authentication... Moderate Unreviewed
CVE-2025-12969 was published Nov 24, 2025
ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed
CVE-2020-36871 was published Nov 27, 2025
Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration... High Unreviewed
CVE-2019-25226 was published Nov 27, 2025
Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed
CVE-2019-25227 was published Nov 27, 2025
ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure... High Unreviewed
CVE-2020-36874 was published Nov 27, 2025
Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated... High Unreviewed
CVE-2020-36873 was published Nov 27, 2025
SiRcom SMART Alert (SiSA) allows unauthorized access to backend APIs. This allows an... High Unreviewed
CVE-2025-13483 was published Nov 25, 2025
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR... High Unreviewed
CVE-2024-14007 was published Nov 24, 2025
Xtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical... Moderate Unreviewed
CVE-2025-63435 was published Nov 24, 2025
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST... Critical Unreviewed
CVE-2025-61757 was published Oct 21, 2025
The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for... Moderate Unreviewed
CVE-2025-11771 was published Nov 21, 2025
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical.... Moderate Unreviewed
CVE-2025-7897 was published Jul 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database