Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106,321 advisories

Loading
A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the... High Unreviewed
CVE-2025-14188 was published Dec 7, 2025
A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function... High Unreviewed
CVE-2025-14187 was published Dec 7, 2025
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix... High Unreviewed
CVE-2025-38593 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton()... High Unreviewed
CVE-2025-38556 was published Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in... High Unreviewed
CVE-2025-21887 was published Mar 27, 2025
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in... High Unreviewed
CVE-2025-37899 was published May 20, 2025
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. The affected element is the function... High Unreviewed
CVE-2025-14140 was published Dec 6, 2025
A flaw has been found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of... High Unreviewed
CVE-2025-14141 was published Dec 6, 2025
A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000... High Unreviewed
CVE-2025-14136 was published Dec 6, 2025
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013... High Unreviewed
CVE-2025-14133 was published Dec 6, 2025
A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0... High Unreviewed
CVE-2025-14134 was published Dec 6, 2025
A vulnerability was identified in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0... High Unreviewed
CVE-2025-14135 was published Dec 6, 2025
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-12966 was published Dec 6, 2025
The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions... High Unreviewed
CVE-2025-13065 was published Dec 6, 2025
A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an... High Unreviewed
CVE-2025-14126 was published Dec 6, 2025
The Rich Shortcodes for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-12499 was published Dec 6, 2025
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-12510 was published Dec 6, 2025
A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to... High Unreviewed
CVE-2025-13292 was published Dec 6, 2025
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak... High Unreviewed
CVE-2021-47295 was published May 21, 2024
A flaw was found in Undertow that can cause remote denial of service attacks. When the server... High Unreviewed
CVE-2024-3884 was published Dec 3, 2025
Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows... High Unreviewed
CVE-2025-57210 was published Dec 4, 2025
Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows... High Unreviewed
CVE-2025-57212 was published Dec 4, 2025
Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows... High Unreviewed
CVE-2025-57213 was published Dec 4, 2025
A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet... High Unreviewed
CVE-2025-63363 was published Dec 4, 2025
A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function... High Unreviewed
CVE-2025-14106 was published Dec 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database