GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,833
Composer 5,055
Erlang 39
GitHub Actions 38
Go 2,685
Maven 6,134
npm 4,318
NuGet 760
pip 4,092
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,503

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,084 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an... Critical Unreviewed

CVE-2025-41742 was published Dec 2, 2025

Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged... Critical Unreviewed

CVE-2025-41744 was published Dec 2, 2025

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php... Critical Unreviewed

CVE-2025-63535 was published Dec 1, 2025

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when... Critical Unreviewed

CVE-2025-8351 was published Dec 1, 2025

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel... Critical Unreviewed

CVE-2025-63532 was published Dec 1, 2025

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows... Critical Unreviewed

CVE-2025-3500 was published Dec 1, 2025

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the... Critical Unreviewed

CVE-2025-63531 was published Dec 1, 2025

An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to... Critical Unreviewed

CVE-2025-63525 was published Dec 1, 2025

Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to... Critical Unreviewed

CVE-2025-12106 was published Dec 1, 2025

By providing a command-line argument starting with a semi-colon ; to an API endpoint created by... Critical Unreviewed

CVE-2025-35028 was published Dec 1, 2025

The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in... Critical Unreviewed

CVE-2025-13615 was published Nov 30, 2025

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to... Critical Unreviewed

CVE-2025-66385 was published Nov 28, 2025

Permission control vulnerability in the memory management module. Impact: Successful exploitation... Critical Unreviewed

CVE-2025-64314 was published Nov 28, 2025

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool... Critical Unreviewed

CVE-2025-8890 was published Nov 27, 2025

The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the... Critical Unreviewed

CVE-2025-12140 was published Nov 27, 2025

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2025-13539 was published Nov 27, 2025

The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up... Critical Unreviewed

CVE-2025-13538 was published Nov 27, 2025

The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions... Critical Unreviewed

CVE-2025-13540 was published Nov 27, 2025

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and... Critical Unreviewed

CVE-2025-13675 was published Nov 27, 2025

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to... Critical Unreviewed

CVE-2024-5539 was published Nov 27, 2025

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are... Critical Unreviewed

CVE-2025-40934 was published Nov 27, 2025

An unauthenticated administrative access vulnerability exists in the open-source HashTech project... Critical Unreviewed

CVE-2025-65276 was published Nov 26, 2025

Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting vulnerability, which could... Critical Unreviewed

CVE-2025-64130 was published Nov 26, 2025

An OS command injection vulnerability exists due to improper input validation. The application... Critical Unreviewed

CVE-2025-64126 was published Nov 26, 2025

An OS command injection vulnerability exists due to incomplete validation of user-supplied input... Critical Unreviewed

CVE-2025-64128 was published Nov 26, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,084 advisories