GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,889
Erlang: 37
GitHub Actions: 38
Go: 2,546
Maven: 5,000+
npm: 4,215
NuGet: 744
pip: 3,990
Pub: 12
RubyGems: 950
Rust: 1,038
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,965 advisories
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4...
Low
Unreviewed
CVE-2025-32916
was published
Oct 9, 2025
In Gemini iOS, when a user shared a snippet of a conversation, it would share the entire...
Low
Unreviewed
CVE-2025-5009
was published
Oct 8, 2025
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This...
Low
Unreviewed
CVE-2025-11489
was published
Oct 8, 2025
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written...
Low
Unreviewed
CVE-2025-62187
was published
Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Low
Unreviewed
CVE-2025-43910
was published
Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Low
Unreviewed
CVE-2025-43909
was published
Oct 7, 2025
Generation of Predictable Numbers or Identifiers vulnerability in B&R Industrial Automation...
Low
Unreviewed
CVE-2025-3449
was published
Oct 7, 2025
The YoSmart YoLink Smart Hub device 0382 exposes a UART debug interface. An attacker with direct...
Low
Unreviewed
CVE-2025-59447
was published
Oct 6, 2025
The YoSmart YoLink application through 2025-10-02 has session tokens with unexpectedly long...
Low
Unreviewed
CVE-2025-59451
was published
Oct 6, 2025
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to...
Low
Unreviewed
CVE-2025-61985
was published
Oct 6, 2025
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...
Low
Unreviewed
CVE-2025-61984
was published
Oct 6, 2025
A user with the appropriate authorization can create any number of user accounts via an API ...
Low
Unreviewed
CVE-2025-58578
was published
Oct 6, 2025
When an error occurs in the application a full stacktrace is provided to the user. The stacktrace...
Low
Unreviewed
CVE-2025-58589
was published
Oct 6, 2025
A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function...
Low
Unreviewed
CVE-2025-11281
was published
Oct 5, 2025
HCL MyXalytics 6.6. product is affected by Use of Vulnerable/Outdated Versions Vulnerability
Low
Unreviewed
CVE-2025-52658
was published
Oct 3, 2025
The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup...
Low
Unreviewed
CVE-2025-10306
was published
Oct 3, 2025
A regular Zabbix user can search other users in their user group via Zabbix API by select fields...
Low
Unreviewed
CVE-2025-27236
was published
Oct 3, 2025
CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version...
Low
Unreviewed
CVE-2025-54087
was published
Oct 2, 2025
Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 were visible to...
Low
Unreviewed
CVE-2025-11239
was published
Oct 2, 2025
IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files...
Low
Unreviewed
CVE-2023-50301
was published
Oct 1, 2025
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an...
Low
Unreviewed
CVE-2025-23291
was published
Sep 30, 2025
The EKEN video doorbell T6 BT60PLUS_MAIN_V1.0_GC1084_20230531 periodically sends debug logs to...
Low
Unreviewed
CVE-2025-56675
was published
Sep 30, 2025
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability,...
Low
Unreviewed
CVE-2025-11195
was published
Sep 30, 2025
IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could...
Low
Unreviewed
CVE-2025-36144
was published
Sep 27, 2025
IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow...
Low
Unreviewed
CVE-2025-36326
was published
Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API.