Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,912
Erlang
39
GitHub Actions
38
Go
2,569
Maven
5,000+
npm
4,245
NuGet
754
pip
4,006
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,439 advisories

Loading
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-9428 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix potential out... High Unreviewed
CVE-2022-49503 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology:... High Unreviewed
CVE-2022-49518 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of... High Unreviewed
CVE-2022-49515 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt... High Unreviewed
CVE-2022-49519 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit()... High Unreviewed
CVE-2022-49267 was published Oct 21, 2025
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication... High Unreviewed
CVE-2025-11949 was published Oct 21, 2025
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from... High Unreviewed
CVE-2025-8078 was published Oct 21, 2025
A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5... High Unreviewed
CVE-2025-9133 was published Oct 21, 2025
An arbitrary OS command may be executed on the product by the user who can log in to the web... High Unreviewed
CVE-2025-6541 was published Oct 21, 2025
An attacker may obtain the root shell on the underlying OS system with the restricted conditions... High Unreviewed
CVE-2025-7851 was published Oct 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-62658 was published Oct 20, 2025
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... High Unreviewed
CVE-2025-62697 was published Oct 20, 2025
An issue in Senayan Library Management System (SLiMS) 9 Bulian v.9.6.1 allows a remote attacker... High Unreviewed
CVE-2025-61488 was published Oct 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47902 was published Oct 20, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2025-47901 was published Oct 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-3465 was published Oct 20, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2025-47900 was published Oct 20, 2025
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2025-26782 was published Oct 20, 2025
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980,... High Unreviewed
CVE-2024-55568 was published Oct 20, 2025
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2025-26781 was published Oct 20, 2025
Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the... High Unreviewed
CVE-2025-11678 was published Oct 20, 2025
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co.... High Unreviewed
CVE-2025-41390 was published Oct 20, 2025
Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts... High Unreviewed
CVE-2025-56219 was published Oct 20, 2025
A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows... High Unreviewed
CVE-2025-56223 was published Oct 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database