GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,660
Maven: 5,000+
npm: 4,289
NuGet: 760
pip: 4,069
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
27,507 advisories
Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection...
Critical | Unreviewed | CVE-2025-60039 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Critical | Unreviewed | CVE-2025-52741 was published Oct 22, 2025
Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview...
Critical | Unreviewed | CVE-2025-52738 was published Oct 22, 2025
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath...
Critical | Unreviewed | CVE-2025-49794 was published Jun 16, 2025
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML...
Critical | Unreviewed | CVE-2025-49796 was published Jun 16, 2025
An authentication bypass vulnerability has been identified in certain DSL series routers, may...
Critical | Unreviewed | CVE-2025-59367 was published Nov 13, 2025
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602...
Critical | Unreviewed | CVE-2021-4464 was published Nov 13, 2025
Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could...
Critical | Unreviewed | CVE-2025-42944 was published Sep 9, 2025
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control...
Critical | Unreviewed | CVE-2025-46608 was published Nov 12, 2025
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing...
Critical | Unreviewed | CVE-2025-12871 was published Nov 12, 2025
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing...
Critical | Unreviewed | CVE-2025-12870 was published Nov 12, 2025
EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing...
Critical | Unreviewed | CVE-2025-12866 was published Nov 10, 2025
Document Management System developed by Excellent Infotek has an Arbitrary File Upload...
Critical | Unreviewed | CVE-2025-11948 was published Oct 20, 2025
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw...
Critical | Unreviewed | CVE-2025-12480 was published Nov 10, 2025
Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the...
Critical | Unreviewed | CVE-2022-35156 was published Oct 1, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Critical | Unreviewed | CVE-2022-30230 was published Jun 15, 2022
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a...
Critical | Unreviewed | CVE-2018-11544 was published May 13, 2022
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to...
Critical | Unreviewed | CVE-2025-60724 was published Nov 11, 2025
Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on Windows allows local...
Critical | Unreviewed | CVE-2025-13032 was published Nov 11, 2025
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source...
Critical | Unreviewed | CVE-2024-33485 was published May 14, 2024
Lost and Found Information System 1.0 allows account takeover via username and password to a ...
Critical | Unreviewed | CVE-2023-38965 was published Nov 3, 2023
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized...
Critical | Unreviewed | CVE-2025-59287 was published Oct 14, 2025
Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated...
Critical | Unreviewed | CVE-2025-8324 was published Nov 11, 2025
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information...
Critical | Unreviewed | CVE-2025-12539 was published Nov 11, 2025
Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over...
Critical | Unreviewed | CVE-2025-3115 was published Apr 9, 2025
ProTip! Advisories are also available from the GraphQL API.