GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,776
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,081
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,336

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106,069 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor.... High Unreviewed

CVE-2025-66423 was published Nov 30, 2025

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to... High Unreviewed

CVE-2025-12183 was published Nov 28, 2025

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file()... High Unreviewed

CVE-2025-12638 was published Nov 28, 2025

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0. High Unreviewed

CVE-2025-51735 was published Nov 28, 2025

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for... High Unreviewed

CVE-2025-66384 was published Nov 28, 2025

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated... High Unreviewed

CVE-2025-13768 was published Nov 28, 2025

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated... High Unreviewed

CVE-2025-13771 was published Nov 28, 2025

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote... High Unreviewed

CVE-2025-13769 was published Nov 28, 2025

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote... High Unreviewed

CVE-2025-13770 was published Nov 28, 2025

Vulnerability of improper criterion security check in the call module. Impact: Successful... High Unreviewed

CVE-2025-58308 was published Nov 28, 2025

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this... High Unreviewed

CVE-2025-58302 was published Nov 28, 2025

Permission control vulnerability in the distributed component. Impact: Successful exploitation of... High Unreviewed

CVE-2025-58310 was published Nov 28, 2025

DoS vulnerability in the video-related system service module. Impact: Successful exploitation of... High Unreviewed

CVE-2025-58316 was published Nov 28, 2025

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of... High Unreviewed

CVE-2025-58303 was published Nov 28, 2025

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of... High Unreviewed

CVE-2025-66359 was published Nov 28, 2025

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-13692 was published Nov 27, 2025

Improper input sanitization in the file archives upload functionality of Eaton Galileo software... High Unreviewed

CVE-2025-59890 was published Nov 27, 2025

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-13536 was published Nov 27, 2025

The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to Payment Bypass in all... High Unreviewed

CVE-2025-7820 was published Nov 27, 2025

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One... High Unreviewed

CVE-2025-12758 was published Nov 27, 2025

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and... High Unreviewed

CVE-2025-13680 was published Nov 27, 2025

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing... High Unreviewed

CVE-2025-66314 was published Nov 27, 2025

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the... High Unreviewed

CVE-2025-0658 was published Nov 27, 2025

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01... High Unreviewed

CVE-2025-0657 was published Nov 27, 2025

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated... High Unreviewed

CVE-2020-36873 was published Nov 27, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

106,069 advisories