GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,744
Maven: 5,000+
npm: 4,341
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
338 advisories
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows...
Moderate, Unreviewed. CVE-2023-53774 was published Dec 9, 2025

Denial of Service Vulnerability in NETGEAR C6220 and C6230 (DOCSIS® 3.0 Two-in-one Cable Modem +...
Moderate, Unreviewed. CVE-2025-12941 was published Dec 9, 2025

The SAP Internet Communication Framework does not conduct any authentication checks for features...
Moderate, Unreviewed. CVE-2025-42875 was published Dec 9, 2025

In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a...
Moderate, Unreviewed. CVE-2025-48608 was published Dec 8, 2025

File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local...
Moderate, Unreviewed. CVE-2025-64056 was published Dec 5, 2025

Xtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical...
Moderate, Unreviewed. CVE-2025-63435 was published Nov 24, 2025

Fluent Bit in_forward input plugin does not properly enforce the security.users authentication...
Moderate, Unreviewed. CVE-2025-12969 was published Nov 24, 2025

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for...
Moderate, Unreviewed. CVE-2025-11771 was published Nov 21, 2025

The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for...
Moderate, Unreviewed. CVE-2025-12349 was published Nov 19, 2025

Screen SFT DAB 600/C firmware versions up to and including 1.9.3 contain an improper access...
Moderate, Unreviewed. CVE-2023-7328 was published Nov 15, 2025

The Crypto plugin for WordPress is vulnerable to Information exposure in all versions up to, and...
Moderate, Unreviewed. CVE-2025-11986 was published Nov 11, 2025

Due to missing authentication, SAP HANA 2.0 (hdbrss) allows an unauthenticated attacker to call a...
Moderate, Unreviewed. CVE-2025-42885 was published Nov 11, 2025

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a...
Moderate, Unreviewed. CVE-2025-12447 was published Nov 10, 2025

Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who...
Moderate, Unreviewed. CVE-2025-12436 was published Nov 10, 2025

Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote...
Moderate, Unreviewed. CVE-2025-12444 was published Nov 10, 2025

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications ...
Moderate, Unreviewed. CVE-2025-62287 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
Moderate, Unreviewed. CVE-2025-53034 was published Oct 21, 2025

Reolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART...
Moderate, Unreviewed. CVE-2025-60856 was published Oct 20, 2025

HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can...
Moderate, Unreviewed. CVE-2025-0275 was published Oct 16, 2025

HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control....
Moderate, Unreviewed. CVE-2025-0274 was published Oct 16, 2025

The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and...
Moderate, Unreviewed. CVE-2025-11728 was published Oct 15, 2025

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication...
Moderate, Unreviewed. CVE-2025-11671 was published Oct 13, 2025

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication...
Moderate, Unreviewed. CVE-2025-11672 was published Oct 13, 2025

A vulnerability was found in ProjectsAndPrograms School Management System up to...
Moderate, Unreviewed. CVE-2025-11661 was published Oct 13, 2025

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for...
Moderate, Unreviewed. CVE-2025-11171 was published Oct 8, 2025
ProTip! Advisories are also available from the GraphQL API