GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,702
Composer 5,025
Erlang 39
GitHub Actions 38
Go 2,662
Maven 6,115
npm 4,289
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,668

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

27,507 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Magento executes code via the API File Option Upload Extension Critical

CVE-2021-36042 was published for magento/community-edition (Composer) May 24, 2022

Magento has a file extension restrictions bypass Critical

CVE-2021-36040 was published for magento/community-edition (Composer) May 24, 2022

Magento is affected by an improper input validation vulnerability while saving a customer's details Critical

CVE-2021-36025 was published for magento/community-edition (Composer) May 24, 2022

Magento has an XML Injection vulnerability Critical

CVE-2021-36028 was published for magento/community-edition (Composer) May 24, 2022

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration... Critical Unreviewed

CVE-2025-10230 was published Nov 7, 2025

In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System... Critical Unreviewed

CVE-2025-63691 was published Nov 7, 2025

In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz... Critical Unreviewed

CVE-2025-63690 was published Nov 7, 2025

Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects... Critical Unreviewed

CVE-2025-12104 was published Oct 23, 2025

Lack of application manifest sanitation could lead to potential stored XSS.This issue affects BLU... Critical Unreviewed

CVE-2025-12001 was published Oct 21, 2025

Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU... Critical Unreviewed

CVE-2025-11832 was published Oct 15, 2025

A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed

CVE-2025-24252 was published Apr 29, 2025

Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows... Critical Unreviewed

CVE-2025-3222 was published Nov 7, 2025

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit... Critical Unreviewed

CVE-2025-63689 was published Nov 7, 2025

An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap... Critical Unreviewed

CVE-2025-27918 was published Nov 6, 2025

Incorrect Content-Type header in one of the APIs (`text/html` instead of `application/json`)... Critical Unreviewed

CVE-2025-11925 was published Oct 17, 2025

Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation.This issue affects BLU... Critical Unreviewed

CVE-2025-12479 was published Oct 29, 2025

Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19... Critical Unreviewed

CVE-2025-12478 was published Oct 29, 2025

Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12477 was published Oct 29, 2025

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated... Critical Unreviewed

CVE-2025-34299 was published Nov 7, 2025

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative... Critical Unreviewed

CVE-2025-59396 was published Nov 6, 2025

Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12476 was published Oct 29, 2025

Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12425 was published Oct 28, 2025

Protocol manipulation might lead to denial of service.This issue affects BLU-IC2: through 1.19.5;... Critical Unreviewed

CVE-2025-12423 was published Oct 28, 2025

Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on... Critical Unreviewed

CVE-2025-12422 was published Oct 28, 2025

Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4:... Critical Unreviewed

CVE-2025-12424 was published Oct 28, 2025

Previous 1…9…400 Next

Previous 1 2 … 7 8 9 10 11 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

27,507 advisories