GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,553
Composer 5,554
Erlang 49
GitHub Actions 49
Go 3,426
Maven 6,365
npm 5,645
NuGet 882
pip 4,670
Pub 13
RubyGems 1,029
Rust 1,212
Swift 53

Unreviewed advisories

All unreviewed 296,685

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

778 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12285 was published Oct 26, 2025

Lack of application manifest sanitation could lead to potential stored XSS.This issue affects BLU... Critical Unreviewed

CVE-2025-12001 was published Oct 21, 2025

Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP... Critical Unreviewed

CVE-2025-8414 was published Oct 17, 2025

Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script... Critical Unreviewed

CVE-2025-57644 was published Sep 22, 2025

A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26... Critical Unreviewed

CVE-2025-43342 was published Sep 16, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 26, watchOS... Critical Unreviewed

CVE-2025-43347 was published Sep 16, 2025

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34161 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS)... Critical Unreviewed

CVE-2025-34157 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34159 was published Aug 27, 2025

Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified... Critical Unreviewed

CVE-2025-34158 was published Aug 21, 2025

A security issue exists due to improper handling of malformed CIP Forward Close packets during... Critical Unreviewed

CVE-2025-7693 was published Aug 18, 2025

A vulnerability has been found in the MSoft MFlash application that allows execution of... Critical Unreviewed

CVE-2025-9060 was published Aug 15, 2025

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This... Critical Unreviewed

CVE-2025-8876 was published Aug 14, 2025

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet... Critical Unreviewed

CVE-2025-24325 was published Aug 12, 2025

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2).... Critical Unreviewed

CVE-2025-40746 was published Aug 12, 2025

The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an... Critical Unreviewed

CVE-2025-2611 was published Aug 5, 2025

An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed

CVE-2025-27212 was published Aug 5, 2025

LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed

CVE-2025-50578 was published Jul 30, 2025

This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15... Critical Unreviewed

CVE-2025-43253 was published Jul 30, 2025

Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed

CVE-2025-43234 was published Jul 30, 2025

An input validation issue was addressed with improved memory handling. This issue is fixed in... Critical Unreviewed

CVE-2025-31281 was published Jul 30, 2025

A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed

CVE-2014-125117 was published Jul 25, 2025

A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to... Critical Unreviewed

CVE-2025-34132 was published Jul 17, 2025

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed

CVE-2025-34300 was published Jul 16, 2025

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version... Critical Unreviewed

CVE-2025-34111 was published Jul 15, 2025

Previous 12…32 Next

Previous 1 2 3 4 5 … 31 32 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

778 advisories