GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
277,539 advisories
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string(...
Severity: High | Unreviewed | CVE-2025-64076 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php...
Severity: Unknown | Unreviewed | CVE-2025-63695 was published Nov 18, 2025

An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager...
Severity: Unknown | Unreviewed | CVE-2025-63994 was published Nov 18, 2025

Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the...
Severity: Unknown | Unreviewed | CVE-2025-63828 was published Nov 18, 2025

An improper neutralization of crlf sequences ('crlf injection') in Fortinet FortiMail 7.6.0...
Severity: Moderate | Unreviewed | CVE-2025-54972 was published Nov 18, 2025

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC...
Severity: Moderate | Unreviewed | CVE-2025-54971 was published Nov 18, 2025

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
Severity: High | Unreviewed | CVE-2025-56527 was published Nov 18, 2025

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php,...
Severity: Moderate | Unreviewed | CVE-2025-63512 was published Nov 18, 2025

A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all...
Severity: Moderate | Unreviewed | CVE-2025-59669 was published Nov 18, 2025

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Severity: High | Unreviewed | CVE-2025-58034 was published Nov 18, 2025

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR)...
Severity: Unknown | Unreviewed | CVE-2025-63513 was published Nov 18, 2025

An improper neutralization of special elements used in an SQL Command ("SQL Injection")...
Severity: High | Unreviewed | CVE-2025-58692 was published Nov 18, 2025

Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute...
Severity: Moderate | Unreviewed | CVE-2025-56526 was published Nov 18, 2025

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4...
Severity: High | Unreviewed | CVE-2025-58413 was published Nov 18, 2025

A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers...
Severity: Unknown | Unreviewed | CVE-2025-63258 was published Nov 18, 2025

Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user...
Severity: Unknown | Unreviewed | CVE-2025-56643 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage.
Severity: Unknown | Unreviewed | CVE-2025-63694 was published Nov 18, 2025

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch...
Severity: Unknown | Unreviewed | CVE-2025-63514 was published Nov 18, 2025

eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow...
Severity: Moderate | Unreviewed | CVE-2025-63829 was published Nov 18, 2025

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet...
Severity: Moderate | Unreviewed | CVE-2025-61713 was published Nov 18, 2025

An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5...
Severity: Moderate | Unreviewed | CVE-2025-46215 was published Nov 18, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an...
Severity: High | Unreviewed | CVE-2025-33183 was published Nov 18, 2025

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing...
Severity: High | Unreviewed | CVE-2025-34324 was published Nov 18, 2025

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows...
Severity: Unknown | Unreviewed | CVE-2025-13080 was published Nov 18, 2025

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] in Fortinet...
Severity: High | Unreviewed | CVE-2025-47761 was published Nov 18, 2025
ProTip! Advisories are also available from the GraphQL API.