Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

225 advisories

Loading
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network... Moderate Unreviewed
CVE-2025-6894 was published Oct 17, 2025
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network... Critical Unreviewed
CVE-2025-6893 was published Oct 17, 2025
A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with... High Unreviewed
CVE-2025-57780 was published Oct 15, 2025
open-webui Insecure Direct Object Reference (IDOR) vulnerability Moderate
CVE-2024-7041 was published for open-webui (pip) Oct 9, 2024
A potential vulnerability was reported in PC Manager that could allow a local authenticated user... High Unreviewed
CVE-2025-8486 was published Oct 15, 2025
A vulnerability exists in the iHealth command that may allow an authenticated attacker with at... High Unreviewed
CVE-2025-61958 was published Oct 15, 2025
A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that... High Unreviewed
CVE-2025-59481 was published Oct 15, 2025
Clash Verge Rev thru 2.2.3 forces the installation of system services(clash-verge-service) by... High Unreviewed
CVE-2025-50505 was published Oct 7, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... Critical Unreviewed
CVE-2025-36356 was published Oct 6, 2025
A potential privilege escalation through Sudo vulnerability has been identified in the Poly... Moderate Unreviewed
CVE-2025-43487 was published Jul 23, 2025
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated... High Unreviewed
CVE-2025-1137 was published May 10, 2025
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an... Moderate Unreviewed
CVE-2025-37128 was published Sep 17, 2025
An issue discovered in the Tuya Smart Life App 5.6.1 allows attackers to unprivileged control... Critical Unreviewed
CVE-2025-56557 was published Sep 16, 2025
An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via... Critical Unreviewed
CVE-2025-57119 was published Sep 16, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged... Moderate Unreviewed
CVE-2024-47120 was published Sep 10, 2025
XWiki Blog Application: Privilege Escalation (PR) from account through blog content High
CVE-2025-58365 was published for org.xwiki.contrib.blog:application-blog-ui (Maven) Sep 8, 2025
Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the... Critical Unreviewed
CVE-2025-42958 was published Sep 9, 2025
In BootRom, there is a possible unchecked write address. This could lead to local escalation of... High Unreviewed
CVE-2022-38694 was published Sep 2, 2025
In BootRom, there's a possible unchecked command index. This could lead to local escalation of... High Unreviewed
CVE-2022-38695 was published Sep 2, 2025
In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to... High Unreviewed
CVE-2022-38691 was published Sep 2, 2025
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted... High Unreviewed
CVE-2025-0079 was published Aug 27, 2025
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default... High Unreviewed
CVE-2025-50753 was published Aug 26, 2025
In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code.... High Unreviewed
CVE-2025-0078 was published Aug 27, 2025
In multiple locations, there is a possible way to overlay the installation confirmation dialog... High Unreviewed
CVE-2025-0080 was published Aug 27, 2025
Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability... High Unreviewed
CVE-2024-2240 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database