GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 46
GitHub Actions: 47
Go: 3,340
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,549
Pub: 12
RubyGems: 1,012
Rust: 1,202
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
777 advisories
In its design for automatic terminal command execution, AI Code offers two options: Execute safe...
Critical
Unreviewed
CVE-2026-30304 was published Mar 27, 2026
CWE-20 vulnerability in MolotovCherry Android-ImageMagick7. This issue affects Android...
Critical
Unreviewed
CVE-2026-4755 was published Mar 24, 2026
NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation...
Critical
Unreviewed
CVE-2026-0848 was published Mar 5, 2026
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a...
Critical
Unreviewed
CVE-2026-3545 was published Mar 4, 2026
Improper enforcement of the Disable password saving in vaults setting in the connection entry...
Critical
Unreviewed
CVE-2026-2590 was published Mar 4, 2026
Improper input validation in the error message page in Devolutions Server 2025.3.15 and earlier...
Critical
Unreviewed
CVE-2026-3204 was published Mar 4, 2026
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb...
Critical
Unreviewed
CVE-2024-55020 was published Mar 3, 2026
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on...
Critical
Unreviewed
CVE-2026-2750 was published Feb 27, 2026
When a specific function is enabled while joining an AD Domain from ADM, an improper input...
Critical
Unreviewed
CVE-2026-24936 was published Feb 3, 2026
Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with...
Critical
Unreviewed
CVE-2026-24811 was published Jan 27, 2026
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59...
Critical
Unreviewed
CVE-2026-0903 was published Jan 20, 2026
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business...
Critical
Unreviewed
CVE-2025-61546 was published Jan 8, 2026
Telenium Online Web Application is vulnerable due to a Perl script that is called to load the...
Critical
Unreviewed
CVE-2025-8769 was published Dec 24, 2025
Cisco is aware of a potential vulnerability. Cisco is currently investigating and will...
Critical
Unreviewed
CVE-2025-20393 was published Dec 17, 2025
The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in...
Critical
Unreviewed
CVE-2025-14156 was published Dec 15, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input...
Critical
Unreviewed
CVE-2025-61809 was published Dec 10, 2025
Authenticated Root Remote Code Execution via improper user input filtering in DB Electronica...
Critical
Unreviewed
CVE-2025-66259 was published Nov 26, 2025
The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code...
Critical
Unreviewed
CVE-2025-63213 was published Nov 19, 2025
A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no...
Critical
Unreviewed
CVE-2025-10460 was published Nov 17, 2025
The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the...
Critical
Unreviewed
CVE-2025-64385 was published Oct 31, 2025
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web...
Critical
Unreviewed
CVE-2024-30110 was published Oct 30, 2025
An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public...
Critical
Unreviewed
CVE-2025-61235 was published Oct 28, 2025
TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload...
Critical
Unreviewed
CVE-2025-27224 was published Oct 27, 2025
Mail Configuration File Manipulation + Command Execution. This issue affects BLU-IC2: through 1.19...
Critical
Unreviewed
CVE-2025-12275 was published Oct 26, 2025
Missing Initial Password Change. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical
Unreviewed
CVE-2025-12285 was published Oct 26, 2025
ProTip! Advisories are also available from the GraphQL API.