GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 47
GitHub Actions: 48
Go: 3,378
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,573
Pub: 13
RubyGems: 1,013
Rust: 1,205
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
1,950 advisories
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the...
High | Unreviewed | CVE-2025-11697 was published Nov 11, 2025

KubeVirt Vulnerable to Arbitrary Host File Read and Write
High | CVE-2025-64324 was published for kubevirt.io/kubevirt (Go) Nov 7, 2025

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is...
High | Unreviewed | CVE-2025-12139 was published Nov 5, 2025

An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080,...
High | Unreviewed | CVE-2025-54323 was published Nov 4, 2025

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing...
High | Unreviewed | CVE-2025-43468 was published Nov 4, 2025

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and...
High | Unreviewed | CVE-2025-43449 was published Nov 4, 2025

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 26,...
High | Unreviewed | CVE-2025-43323 was published Nov 4, 2025

HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile...
High | Unreviewed | CVE-2024-30135 was published Oct 30, 2025

An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized...
High | Unreviewed | CVE-2025-60805 was published Oct 28, 2025

Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext...
High | Unreviewed | CVE-2025-60858 was published Oct 28, 2025

TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp...
High | Unreviewed | CVE-2025-27225 was published Oct 27, 2025

StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which...
High | Unreviewed | CVE-2025-52268 was published Oct 27, 2025

Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on...
High | Unreviewed | CVE-2025-61482 was published Oct 27, 2025

Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of...
High | Unreviewed | CVE-2025-11145 was published Oct 24, 2025

Captive Portal can expose sensitive information
High | Unreviewed | CVE-2025-6980 was published Oct 23, 2025

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2025-53066 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
High | Unreviewed | CVE-2025-53036 was published Oct 21, 2025

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item...
High | Unreviewed | CVE-2025-53043 was published Oct 21, 2025

The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows...
High | Unreviewed | CVE-2025-61220 was published Oct 21, 2025

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System...
High | Unreviewed | CVE-2025-11151 was published Oct 21, 2025

Strapi core vulnerable to sensitive data exposure via CORS misconfiguration
High | CVE-2025-53092 was published for @strapi/core (npm) Oct 16, 2025

Omni vulnerable to information leak via API
High | CVE-2025-61688 was published for github.com/siderolabs/omni (Go) Oct 13, 2025

Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious...
High | Unreviewed | CVE-2025-8915 was published Oct 13, 2025

The Flock Safety Peripheral com.flocksafety.android.peripheral application 7.38.3 for Android ...
High | Unreviewed | CVE-2025-59405 was published Oct 2, 2025

YOSHOP 2.0 allows unauthenticated information disclosure via comment-list API endpoints in the...
High | Unreviewed | CVE-2025-56161 was published Oct 2, 2025
ProTip! Advisories are also available from the GraphQL API.