Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,980
Maven
5,000+
npm
4,634
NuGet
788
pip
4,321
Pub
12
RubyGems
986
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

118,888 advisories

Loading
Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability... High Unreviewed
CVE-2025-14349 was published Feb 13, 2026
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is... High Unreviewed
CVE-2026-25108 was published Feb 13, 2026
A vulnerability in the certificate validation logic may allow applications to accept untrusted or... High Unreviewed
CVE-2025-9293 was published Feb 13, 2026
ClamAV ClamBC bytecode interpreter contains a vulnerability in function name processing that... High Unreviewed
CVE-2020-37167 was published Feb 13, 2026
E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to... High Unreviewed
CVE-2019-25320 was published Feb 13, 2026
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to... High Unreviewed
CVE-2019-25318 was published Feb 13, 2026
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to... High Unreviewed
CVE-2019-25319 was published Feb 13, 2026
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to... High Unreviewed
CVE-2019-25332 was published Feb 13, 2026
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute... High Unreviewed
CVE-2019-25321 was published Feb 13, 2026
PRO-7070 Hazır Profesyonel Web Sitesi version 1.0 contains an authentication bypass vulnerability... High Unreviewed
CVE-2019-25335 was published Feb 13, 2026
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local... High Unreviewed
CVE-2019-25331 was published Feb 13, 2026
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm... High Unreviewed
CVE-2019-25342 was published Feb 13, 2026
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that... High Unreviewed
CVE-2019-25325 was published Feb 13, 2026
SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password... High Unreviewed
CVE-2019-25336 was published Feb 13, 2026
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field... High Unreviewed
CVE-2019-25327 was published Feb 13, 2026
Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows... High Unreviewed
CVE-2019-25333 was published Feb 13, 2026
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that... High Unreviewed
CVE-2026-26224 was published Feb 13, 2026
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and... High Unreviewed
CVE-2026-26225 was published Feb 13, 2026
WWW::OAuth 1.000 and earlier for Perl uses the rand() function as the default source of entropy,... High Unreviewed
CVE-2025-40905 was published Feb 13, 2026
MagicLink: Insecure Deserialization of MagicLink Actions Leads to Remote Code Execution High
GHSA-r33w-fg8j-9c94 was published for cesargb/laravel-magiclink (Composer) Feb 12, 2026
Prav33N-Sec
Credited to Prav33N-Sec
Arbitrary WASM Code Execution via AnnotationOverrideFlight Injection in Yoke ATC High
CVE-2026-26056 was published for github.com/yokecd/yoke (Go) Feb 12, 2026
b0b0haha lixingquzhi
Credited to b0b0haha and lixingquzhi
Unauthenticated Admission Webhook Endpoints in Yoke ATC High
CVE-2026-26055 was published for github.com/yokecd/yoke (Go) Feb 12, 2026
b0b0haha lixingquzhi
Credited to b0b0haha and lixingquzhi
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local... High Unreviewed
CVE-2019-25344 was published Feb 12, 2026
NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to... High Unreviewed
CVE-2019-25343 was published Feb 12, 2026
Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that... High Unreviewed
CVE-2019-25345 was published Feb 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database