GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
125,465 advisories
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53741 was published Dec 10, 2025
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53740 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that...
High | Unreviewed | CVE-2020-36893 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletion vulnerability in...
High | Unreviewed | CVE-2020-36898 was published Dec 10, 2025
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery vulnerability...
High | Unreviewed | CVE-2020-36900 was published Dec 10, 2025
A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local...
High | Unreviewed | CVE-2025-65199 was published Dec 10, 2025
Improper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot...
High | Unreviewed | CVE-2025-24857 was published Dec 10, 2025
EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure...
High | Unreviewed | CVE-2020-36895 was published Dec 10, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the webpage-to-markdown...
High | Unreviewed | CVE-2025-65512 was published Dec 10, 2025
An issue in the Bluetooth firmware of JXL 9 Inch Car Android Double Din Player Android v12.0...
High | Unreviewed | CVE-2025-63895 was published Dec 10, 2025
An unauthenticated attacker within proximity of the Meatmeet device can perform an unauthorized...
High | Unreviewed | CVE-2025-65824 was published Dec 10, 2025
As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary...
High | Unreviewed | CVE-2025-65821 was published Dec 10, 2025
SpinetiX Fusion Digital Signage 3.4.8 and lower contains an authenticated path traversal...
High | Unreviewed | CVE-2020-36883 was published Dec 10, 2025
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote...
High | Unreviewed | CVE-2025-56431 was published Dec 10, 2025
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote...
High | Unreviewed | CVE-2025-56430 was published Dec 10, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality
High | CVE-2025-34429 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
Formio improperly authorized permission elevation through specially crafted request path
High | CVE-2025-67718 was published for formio (npm) Dec 10, 2025
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and...
High | Unreviewed | CVE-2025-63094 was published Dec 10, 2025
Jenkins Coverage Plugin has a stored cross-site scripting (XSS) vulnerability
High | CVE-2025-67641 was published for io.jenkins.plugins:coverage (Maven) Dec 10, 2025
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34424 was published Dec 10, 2025
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before...
High | Unreviewed | CVE-2025-65803 was published Dec 10, 2025
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34421 was published Dec 10, 2025
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34422 was published Dec 10, 2025
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to...
High | Unreviewed | CVE-2025-34423 was published Dec 10, 2025
Jenkins has a Denial of service vulnerability in HTTP-based CLI
High | CVE-2025-67635 was published for org.jenkins-ci.main:cli (Maven) Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API.