GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,702
Composer 5,025
Erlang 39
GitHub Actions 38
Go 2,662
Maven 6,115
npm 4,289
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,668

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,010 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot... Critical Unreviewed

CVE-2025-34030 was published Jun 20, 2025

The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as... Critical Unreviewed

CVE-2025-12057 was published Nov 19, 2025

The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed

CVE-2025-63225 was published Nov 18, 2025

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is... Critical Unreviewed

CVE-2025-63210 was published Nov 19, 2025

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects... Critical Unreviewed

CVE-2025-13022 was published Nov 11, 2025

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This... Critical Unreviewed

CVE-2025-13023 was published Nov 11, 2025

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows... Critical Unreviewed

CVE-2025-41346 was published Nov 18, 2025

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This... Critical Unreviewed

CVE-2025-13026 was published Nov 11, 2025

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects... Critical Unreviewed

CVE-2025-13021 was published Nov 11, 2025

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence... Critical Unreviewed

CVE-2025-13027 was published Nov 11, 2025

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <... Critical Unreviewed

CVE-2025-13024 was published Nov 11, 2025

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password... Critical Unreviewed

CVE-2025-54321 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php... Critical Unreviewed

CVE-2025-63695 was published Nov 18, 2025

The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed

CVE-2025-63218 was published Nov 19, 2025

Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user... Critical Unreviewed

CVE-2025-56643 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage. Critical Unreviewed

CVE-2025-63694 was published Nov 18, 2025

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an... Critical Unreviewed

CVE-2025-63228 was published Nov 18, 2025

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An... Critical Unreviewed

CVE-2025-13315 was published Nov 19, 2025

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed

CVE-2025-34329 was published Nov 19, 2025

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23... Critical Unreviewed

CVE-2025-34328 was published Nov 19, 2025

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed

CVE-2025-63224 was published Nov 19, 2025

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to... Critical Unreviewed

CVE-2025-63216 was published Nov 19, 2025

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0... Critical Unreviewed

CVE-2025-64446 was published Nov 14, 2025

Legacy Vivotek Device firmware uses default credetials for the root and user login accounts. Critical Unreviewed

CVE-2025-12592 was published Nov 19, 2025

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed

CVE-2025-63217 was published Nov 19, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,010 advisories