GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,395
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,603
Maven 6,053
npm 4,250
NuGet 755
pip 4,013
Pub 12
RubyGems 953
Rust 1,048
Swift 45

Unreviewed advisories

All unreviewed 274,767

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

320 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications ... Moderate Unreviewed

CVE-2025-62287 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Moderate Unreviewed

CVE-2025-53034 was published Oct 21, 2025

Reolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART... Moderate Unreviewed

CVE-2025-60856 was published Oct 20, 2025

HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can... Moderate Unreviewed

CVE-2025-0275 was published Oct 16, 2025

HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control.... Moderate Unreviewed

CVE-2025-0274 was published Oct 16, 2025

The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and... Moderate Unreviewed

CVE-2025-11728 was published Oct 15, 2025

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication... Moderate Unreviewed

CVE-2025-11672 was published Oct 13, 2025

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication... Moderate Unreviewed

CVE-2025-11671 was published Oct 13, 2025

A vulnerability was found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed

CVE-2025-11661 was published Oct 13, 2025

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for... Moderate Unreviewed

CVE-2025-11171 was published Oct 8, 2025

The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all... Moderate Unreviewed

CVE-2025-10746 was published Oct 4, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed

CVE-2025-34230 was published Sep 29, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed

CVE-2025-34232 was published Sep 29, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed

CVE-2025-34229 was published Sep 29, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed

CVE-2025-34220 was published Sep 29, 2025

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the... Moderate Unreviewed

CVE-2025-60251 was published Sep 26, 2025

The web application allows an unauthenticated remote attacker to learn information about existing... Moderate Unreviewed

CVE-2025-41716 was published Sep 24, 2025

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing... Moderate Unreviewed

CVE-2025-10267 was published Sep 12, 2025

A missing authentication vulnerability was reported in some Lenovo printers that could allow a... Moderate Unreviewed

CVE-2025-9214 was published Sep 11, 2025

A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX... Moderate Unreviewed

CVE-2025-36756 was published Sep 10, 2025

It is possible to bypass the administrator login screen on SolaX Cloud. An attacker could use... Moderate Unreviewed

CVE-2025-36757 was published Sep 10, 2025

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker... Moderate Unreviewed

CVE-2025-42926 was published Sep 9, 2025

The Cloud SAML SSO plugin for WordPress is vulnerable to Identity Provider Deletion due to a... Moderate Unreviewed

CVE-2025-7045 was published Sep 6, 2025

The "serverConfig" endpoint, which returns the module configuration including credentials, is... Moderate Unreviewed

CVE-2025-30048 was published Aug 27, 2025

An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's... Moderate Unreviewed

CVE-2025-51543 was published Aug 19, 2025

Previous1…13 Next

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

320 advisories