GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
125,465 advisories
squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if...
High | Unreviewed | CVE-2025-67738 was published Dec 11, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.4.6,...
High | Unreviewed | CVE-2025-12029 was published Dec 11, 2025

GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18...
High | Unreviewed | CVE-2025-8405 was published Dec 11, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18...
High | Unreviewed | CVE-2025-12716 was published Dec 11, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6,...
High | Unreviewed | CVE-2025-12562 was published Dec 11, 2025

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53775 was published Dec 11, 2025

Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58282 was published Dec 11, 2025

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58280 was published Dec 11, 2025

WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58283 was published Dec 11, 2025

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows...
High | Unreviewed | CVE-2024-58284 was published Dec 11, 2025

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers...
High | Unreviewed | CVE-2024-58281 was published Dec 11, 2025

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025...
High | Unreviewed | CVE-2025-65290 was published Dec 11, 2025

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025...
High | Unreviewed | CVE-2025-65297 was published Dec 11, 2025

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4...
High | Unreviewed | CVE-2025-65292 was published Dec 11, 2025

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027,...
High | Unreviewed | CVE-2025-65295 was published Dec 11, 2025

Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail...
High | Unreviewed | CVE-2025-65291 was published Dec 11, 2025

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53776 was published Dec 11, 2025

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows...
High | Unreviewed | CVE-2024-58279 was published Dec 11, 2025

Race condition in the Okta Java SDK
High | CVE-2025-67505 was published for com.okta.sdk:okta-sdk-root (Maven) Dec 10, 2025

Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may...
High | Unreviewed | CVE-2025-67460 was published Dec 10, 2025

The application uses an insecure hashing algorithm (MD5) to hash passwords. If an attacker...
High | Unreviewed | CVE-2025-65831 was published Dec 10, 2025

Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that...
High | Unreviewed | CVE-2020-36893 was published Dec 10, 2025

QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletion vulnerability in...
High | Unreviewed | CVE-2020-36898 was published Dec 10, 2025

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53741 was published Dec 10, 2025

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53740 was published Dec 10, 2025

ProTip! Advisories are also available from the GraphQL API.