Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126 advisories

Loading
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute... High Unreviewed
CVE-2025-61228 was published Dec 1, 2025
The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure... High Unreviewed
CVE-2025-63434 was published Nov 24, 2025
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance... Moderate Unreviewed
CVE-2025-40604 was published Nov 20, 2025
The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via... High Unreviewed
CVE-2025-63220 was published Nov 19, 2025
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via... High Unreviewed
CVE-2025-63215 was published Nov 19, 2025
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows... High Unreviewed
CVE-2025-52263 was published Oct 27, 2025
The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from... High Unreviewed
CVE-2025-11493 was published Oct 16, 2025
NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital... Critical Unreviewed
CVE-2025-56513 was published Sep 30, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and... High Unreviewed
CVE-2025-34212 was published Sep 29, 2025
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code... High Unreviewed
CVE-2025-57431 was published Sep 22, 2025
A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary... High Unreviewed
CVE-2025-9319 was published Sep 11, 2025
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air... High Unreviewed
CVE-2025-30199 was published Sep 5, 2025
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An... Critical Unreviewed
CVE-2025-35115 was published Aug 27, 2025
An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL... Moderate Unreviewed
CVE-2024-47192 was published Aug 26, 2025
A firmware update vulnerability exists in the Firmware Signature Validation functionality of... High Unreviewed
CVE-2025-31355 was published Aug 20, 2025
The affected product allows firmware updates to be downloaded from EG4's website, transferred... High Unreviewed
CVE-2025-53520 was published Aug 8, 2025
Download of code without integrity check vulnerability in AirPrint functionality in Synology... High Unreviewed
CVE-2024-39348 was published Aug 7, 2025
iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect... Critical Unreviewed
CVE-2025-53696 was published Jul 28, 2025
The cross-browser document creation component developed by Digitware System Integration... High Unreviewed
CVE-2025-7620 was published Jul 14, 2025
Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This... Low Unreviewed
CVE-2025-52937 was published Jun 23, 2025
Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A... High Unreviewed
CVE-2025-4648 was published May 13, 2025
Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code... Critical Unreviewed
CVE-2025-28236 was published Apr 18, 2025
The product can be used to distribute malicious code using SDD Device Drivers due to missing... Critical Unreviewed
CVE-2025-27593 was published Mar 14, 2025
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to... High Unreviewed
CVE-2024-43169 was published Mar 3, 2025
SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware... High Unreviewed
CVE-2024-50696 was published Feb 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database