Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

125,465 advisories

Loading
The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a... High Unreviewed
CVE-2025-13072 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction... High Unreviewed
CVE-2025-61813 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access... High Unreviewed
CVE-2025-61811 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by a Deserialization of... High Unreviewed
CVE-2025-61810 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input... High Unreviewed
CVE-2025-61812 was published Dec 10, 2025
LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method High
CVE-2025-67644 was published for langgraph-checkpoint-sqlite (pip) Dec 10, 2025
VladimirEliTokarev Credited to VladimirEliTokarev, yardenporat353, and hawkeyetw yardenporat353 yardenporat353
hawkeyetw hawkeyetw
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows... High Unreviewed
CVE-2023-53770 was published Dec 9, 2025
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to... High Unreviewed
CVE-2023-53772 was published Dec 9, 2025
MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows... High Unreviewed
CVE-2023-53773 was published Dec 9, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64785 was published Dec 9, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64899 was published Dec 9, 2025
STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers... High Unreviewed
CVE-2021-47724 was published Dec 9, 2025
OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to... High Unreviewed
CVE-2021-47704 was published Dec 9, 2025
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by... High Unreviewed
CVE-2021-47701 was published Dec 9, 2025
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated... High Unreviewed
CVE-2021-47718 was published Dec 9, 2025
COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause... High Unreviewed
CVE-2021-47709 was published Dec 9, 2025
COMMAX Biometric Access Control System 1.0.0 contains an authentication bypass vulnerability that... High Unreviewed
CVE-2021-47706 was published Dec 9, 2025
COMMAX Smart Home System is a smart IoT home solution that allows an unauthenticated attacker to... High Unreviewed
CVE-2021-47710 was published Dec 9, 2025
COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows... High Unreviewed
CVE-2021-47719 was published Dec 9, 2025
COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability... High Unreviewed
CVE-2021-47705 was published Dec 9, 2025
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote... High Unreviewed
CVE-2021-47727 was published Dec 9, 2025
Selea Targa IP OCR-ANPR Camera contains a cross-site request forgery vulnerability that allows... High Unreviewed
CVE-2021-47730 was published Dec 9, 2025
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote... High Unreviewed
CVE-2025-65573 was published Dec 9, 2025
DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound... High Unreviewed
CVE-2025-64783 was published Dec 9, 2025
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-64680 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database