GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,615
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,038
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,862 advisories
Denial of service of the web server through specific requests to this protocol
Critical | Unreviewed | CVE-2025-64388 was published Oct 31, 2025
A compromised web process was able to trigger out of bounds reads and writes in a more privileged...
Critical | Unreviewed | CVE-2025-11709 was published Oct 14, 2025
A compromised web process using malicious IPC messages could have caused the privileged browser...
Critical | Unreviewed | CVE-2025-11710 was published Oct 14, 2025
Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability affects Firefox < 144,...
Critical | Unreviewed | CVE-2025-11708 was published Oct 14, 2025
In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI...
Critical | Unreviewed | CVE-2024-57823 was published Jan 10, 2025
An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras...
Critical | Unreviewed | CVE-2025-12463 was published Nov 3, 2025
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.
Critical | Unreviewed | CVE-2025-63451 was published Nov 3, 2025
The Metro Development Server, which is opened by the React Native CLI, binds to external...
Critical | Unreviewed | CVE-2025-11953 was published Nov 3, 2025
The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the...
Critical | Unreviewed | CVE-2025-64385 was published Oct 31, 2025
An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit...
Critical | Unreviewed | CVE-2025-10640 was published Oct 21, 2025
IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks...
Critical | Unreviewed | CVE-2025-27558 was published May 21, 2025
Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by...
Critical | Unreviewed | CVE-2025-46801 was published May 19, 2025
In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer...
Critical | Unreviewed | CVE-2024-38541 was published Jun 19, 2024
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based...
Critical | Unreviewed | CVE-2025-23016 was published Jan 10, 2025
The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to,...
Critical | Unreviewed | CVE-2025-8900 was published Nov 3, 2025
Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand...
Critical | Unreviewed | CVE-2025-0987 was published Nov 3, 2025
Web UI Malfunction when setting unexpected locale via API. This issue affects BLU-IC2: through 1...
Critical | Unreviewed | CVE-2025-12600 was published Nov 1, 2025
Denial of Service Due to SlowLoris. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1...
Critical | Unreviewed | CVE-2025-12601 was published Nov 1, 2025
Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000). This issue affects BLU-IC2...
Critical | Unreviewed | CVE-2025-12599 was published Nov 1, 2025
The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for...
Critical | Unreviewed | CVE-2025-11499 was published Nov 1, 2025
The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for...
Critical | Unreviewed | CVE-2025-11833 was published Nov 1, 2025
Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1...
Critical | Unreviewed | CVE-2025-29270 was published Oct 31, 2025
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in...
Critical | Unreviewed | CVE-2025-64348 was published Oct 31, 2025
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in...
Critical | Unreviewed | CVE-2025-57108 was published Oct 31, 2025
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an...
Critical | Unreviewed | CVE-2025-41108 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API.