Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106,180 advisories

Loading
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-13645 was published Dec 3, 2025
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-13646 was published Dec 3, 2025
NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer... High Unreviewed
CVE-2025-64298 was published Dec 2, 2025
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text... High Unreviewed
CVE-2025-64778 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure... High Unreviewed
CVE-2025-64642 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user... High Unreviewed
CVE-2025-62575 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data... High Unreviewed
CVE-2025-61940 was published Dec 2, 2025
Within HostnameError.Error(), when constructing an error string, there is no limit to the number... High Unreviewed
CVE-2025-61729 was published Dec 2, 2025
Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote... High Unreviewed
CVE-2025-13633 was published Dec 2, 2025
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to... High Unreviewed
CVE-2025-13630 was published Dec 2, 2025
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41... High Unreviewed
CVE-2025-13631 was published Dec 2, 2025
Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker... High Unreviewed
CVE-2025-13638 was published Dec 2, 2025
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially... High Unreviewed
CVE-2025-13721 was published Dec 2, 2025
Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had... High Unreviewed
CVE-2025-13720 was published Dec 2, 2025
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is... High Unreviewed
CVE-2025-34352 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... High Unreviewed
CVE-2025-59702 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... High Unreviewed
CVE-2025-59697 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11785 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11786 was published Dec 2, 2025
A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of... High Unreviewed
CVE-2025-12465 was published Dec 2, 2025
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ... High Unreviewed
CVE-2025-11788 was published Dec 2, 2025
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile'... High Unreviewed
CVE-2025-11789 was published Dec 2, 2025
SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an... High Unreviewed
CVE-2025-41013 was published Dec 2, 2025
Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an... High Unreviewed
CVE-2025-41012 was published Dec 2, 2025
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2... High Unreviewed
CVE-2025-11787 was published Dec 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database