Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

273,827 advisories

Loading
D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy... Moderate Unreviewed
CVE-2025-34255 was published Oct 16, 2025
D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy... Moderate Unreviewed
CVE-2025-34254 was published Oct 16, 2025
The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize... Moderate Unreviewed
CVE-2025-60641 was published Oct 16, 2025
OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password.... High Unreviewed
CVE-2025-62586 was published Oct 16, 2025
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from... Moderate Unreviewed
CVE-2025-61330 was published Oct 16, 2025
Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax... Moderate Unreviewed
CVE-2025-56700 was published Oct 16, 2025
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open... Moderate Unreviewed
CVE-2025-56699 was published Oct 16, 2025
Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26). Moderate Unreviewed
CVE-2025-60639 was published Oct 16, 2025
IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by... High Unreviewed
CVE-2025-36128 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting ... Moderate Unreviewed
CVE-2025-34512 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection... Critical Unreviewed
CVE-2025-34513 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection... High Unreviewed
CVE-2025-34514 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary... Critical Unreviewed
CVE-2025-34515 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials... Critical Unreviewed
CVE-2025-34516 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed
CVE-2025-34517 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed
CVE-2025-34518 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm... High Unreviewed
CVE-2025-34519 was published Oct 16, 2025
A vulnerability has been found in Apeman ID71 EN75.8.53.20. The affected element is an unknown... Moderate Unreviewed
CVE-2025-11851 was published Oct 16, 2025
A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo... Moderate Unreviewed
CVE-2025-11840 was published Oct 16, 2025
Mattermost Desktop App versions <=5.13.0 fail to manage modals in the Mattermost Desktop App that... Moderate Unreviewed
CVE-2025-55035 was published Oct 16, 2025
A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when... High Unreviewed
CVE-2025-62491 was published Oct 16, 2025
An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due... High Unreviewed
CVE-2025-62495 was published Oct 16, 2025
A vulnerability exists in the QuickJS engine's BigInt string conversion logic ... Moderate Unreviewed
CVE-2025-62493 was published Oct 16, 2025
A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string... High Unreviewed
CVE-2025-62496 was published Oct 16, 2025
A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS... Moderate Unreviewed
CVE-2025-62492 was published Oct 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database