Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,656
Maven
5,000+
npm
4,284
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,490 advisories

Loading
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service ... Critical Unreviewed
CVE-2025-36250 was published Nov 14, 2025
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow... Critical Unreviewed
CVE-2025-36251 was published Nov 14, 2025
File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency Critical
GHSA-6jqf-mv7m-3q7p was published for github.com/filebrowser/filebrowser/v2 (Go) Nov 13, 2025
Francesco-Bellomi hacdias
Credited to Francesco-Bellomi and hacdias
Milvus Proxy has a Critical Authentication Bypass Vulnerability Critical
CVE-2025-64513 was published for github.com/milvus-io/milvus (Go) Nov 13, 2025
pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode Critical
CVE-2025-12762 was published for pgadmin4 (pip) Nov 13, 2025
jonbally
Credited to jonbally
An authentication bypass vulnerability has been identified in certain DSL series routers, may... Critical Unreviewed
CVE-2025-59367 was published Nov 13, 2025
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602... Critical Unreviewed
CVE-2021-4464 was published Nov 13, 2025
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control... Critical Unreviewed
CVE-2025-46608 was published Nov 12, 2025
free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an... Critical Unreviewed
CVE-2025-63679 was published Nov 12, 2025
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0... Critical Unreviewed
CVE-2025-56385 was published Nov 12, 2025
N-central < 2025.4 is vulnerable to authentication bypass via path traversal Critical Unreviewed
CVE-2025-11366 was published Nov 12, 2025
The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization Critical Unreviewed
CVE-2025-11367 was published Nov 12, 2025
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed
CVE-2025-64280 was published Nov 12, 2025
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed
CVE-2025-64281 was published Nov 12, 2025
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to... Critical Unreviewed
CVE-2025-63289 was published Nov 12, 2025
A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi... Critical Unreviewed
CVE-2025-63353 was published Nov 12, 2025
Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password... Critical Unreviewed
CVE-2025-63666 was published Nov 12, 2025
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing... Critical Unreviewed
CVE-2025-12870 was published Nov 12, 2025
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing... Critical Unreviewed
CVE-2025-12871 was published Nov 12, 2025
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to... Critical Unreviewed
CVE-2025-60724 was published Nov 11, 2025
Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local... Critical Unreviewed
CVE-2025-13032 was published Nov 11, 2025
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence... Critical Unreviewed
CVE-2025-13027 was published Nov 11, 2025
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This... Critical Unreviewed
CVE-2025-13023 was published Nov 11, 2025
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This... Critical Unreviewed
CVE-2025-13026 was published Nov 11, 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <... Critical Unreviewed
CVE-2025-13024 was published Nov 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database