Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”) Critical
CVE-2025-67510 was published for neuron-core/neuron-ai (Composer) Dec 9, 2025
siewer
Credited to siewer
Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and... Critical Unreviewed
CVE-2025-55469 was published Nov 26, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... Critical Unreviewed
CVE-2025-59703 was published Dec 2, 2025
Mautic user without privileged access to the Marketplace can install and uninstall composer packages Critical
CVE-2025-13828 was published for mautic/core (Composer) Dec 2, 2025
driskell escopecz
patrykgruszka
Credited to driskell, escopecz, and patrykgruszka
An unauthenticated administrative access vulnerability exists in the open-source HashTech project... Critical Unreviewed
CVE-2025-65276 was published Nov 26, 2025
A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code... Critical Unreviewed
CVE-2025-48983 was published Oct 31, 2025
The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63223 was published Nov 19, 2025
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed
CVE-2025-63225 was published Nov 18, 2025
The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63218 was published Nov 19, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed
CVE-2025-54343 was published Nov 14, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed
CVE-2025-54339 was published Nov 14, 2025
A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi... Critical Unreviewed
CVE-2025-63353 was published Nov 12, 2025
Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password... Critical Unreviewed
CVE-2025-63666 was published Nov 12, 2025
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control... Critical Unreviewed
CVE-2025-46608 was published Nov 12, 2025
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw... Critical Unreviewed
CVE-2025-12480 was published Nov 10, 2025
Magento improper access control vulnerability within Magento's Media Gallery Upload workflow Critical
CVE-2021-36036 was published for magento/community-edition (Composer) Sep 6, 2023
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control... Critical Unreviewed
CVE-2025-23048 was published Jul 10, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2023-42945 was published Feb 21, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed
CVE-2024-25735 was published Mar 27, 2024
A command execution vulnerability exists in the validate.so diag_ping_start functionality of... Critical Unreviewed
CVE-2023-32632 was published Oct 11, 2023
A library injection issue was addressed with additional restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-30462 was published Apr 1, 2025
This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30433 was published Apr 1, 2025
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24241 was published Apr 1, 2025
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated... Critical Unreviewed
CVE-2025-26062 was published Jul 31, 2025
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Critical Unreviewed
CVE-2025-43184 was published Jul 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database