GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,775
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,080
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,225

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278,225 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack... Moderate Unreviewed

CVE-2025-11411 was published Oct 22, 2025

The reflective cross-site scripting vulnerability found in ALC WebCTRL and Carrier i-Vu in... Moderate Unreviewed

CVE-2024-5540 was published Nov 27, 2025

Improper Input Validation vulnerability in CyberArk CyberArk Secure Web Sessions Extension on... Moderate Unreviewed

CVE-2025-13762 was published Nov 27, 2025

The wp-twitpic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple... Moderate Unreviewed

CVE-2025-12670 was published Nov 27, 2025

The Shouty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the shouty... Moderate Unreviewed

CVE-2025-12712 was published Nov 27, 2025

Anyscale Ray 2.52.0 contains an insecure default configuration in which token-based... Critical Unreviewed

CVE-2025-34351 was published Nov 27, 2025

The SortTable Post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id'... Moderate Unreviewed

CVE-2025-12649 was published Nov 27, 2025

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing... High Unreviewed

CVE-2025-66314 was published Nov 27, 2025

The Reuters Direct plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12578 was published Nov 27, 2025

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-12666 was published Nov 27, 2025

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to... Critical Unreviewed

CVE-2024-5539 was published Nov 27, 2025

The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-12713 was published Nov 27, 2025

The Reuters Direct plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2025-12579 was published Nov 27, 2025

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the... High Unreviewed

CVE-2025-0658 was published Nov 27, 2025

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01... High Unreviewed

CVE-2025-0657 was published Nov 27, 2025

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are... Unknown Unreviewed

CVE-2025-40934 was published Nov 27, 2025

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed

CVE-2020-36871 was published Nov 27, 2025

Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration... High Unreviewed

CVE-2019-25226 was published Nov 27, 2025

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in... High Unreviewed

CVE-2019-25227 was published Nov 27, 2025

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated... High Unreviewed

CVE-2020-36873 was published Nov 27, 2025

ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure... High Unreviewed

CVE-2020-36874 was published Nov 27, 2025

BACnet Test Server versions up to and including 1.01 contains a remote denial of service... High Unreviewed

CVE-2020-36872 was published Nov 27, 2025

In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in... Moderate Unreviewed

CVE-2025-38567 was published Aug 19, 2025

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack... High Unreviewed

CVE-2025-38568 was published Aug 19, 2025

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix double... High Unreviewed

CVE-2025-38582 was published Aug 19, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

278,225 advisories