GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,159

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,158 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The embedded web server on the thermostat listed version ranges contain a vulnerability that... Critical Unreviewed

CVE-2025-6260 was published Jul 24, 2025

DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user... High Unreviewed

CVE-2025-48733 was published Jul 23, 2025

A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by... High Unreviewed

CVE-2025-34119 was published Jul 16, 2025

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station... Critical Unreviewed

CVE-2025-34121 was published Jul 16, 2025

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed

CVE-2025-30762 was published Jul 15, 2025

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior... Critical Unreviewed

CVE-2025-34104 was published Jul 15, 2025

A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version... Moderate Unreviewed

CVE-2025-52089 was published Jul 11, 2025

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services ... High Unreviewed

CVE-2025-53378 was published Jul 10, 2025

An unauthenticated user with management network access can get and modify the Radiflow iSAP... Critical Unreviewed

CVE-2025-3498 was published Jul 9, 2025

An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to... Critical Unreviewed

CVE-2025-34085 was published Jul 9, 2025

Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows... Moderate Unreviewed

CVE-2025-7031 was published Jul 8, 2025

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows... High Unreviewed

CVE-2025-48814 was published Jul 8, 2025

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... Critical Unreviewed

CVE-2025-40736 was published Jul 8, 2025

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an... High Unreviewed

CVE-2025-25268 was published Jul 8, 2025

Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 ... Critical Unreviewed

CVE-2025-45814 was published Jul 2, 2025

An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default... Critical Unreviewed

CVE-2025-34069 was published Jul 2, 2025

A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with... Critical Unreviewed

CVE-2025-34071 was published Jul 2, 2025

A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5... Critical Unreviewed

CVE-2025-34070 was published Jul 2, 2025

A flaw was found in the authentication enforcement mechanism of a model inference API in ai... Moderate Unreviewed

CVE-2025-6920 was published Jul 1, 2025

An unauthenticated remote attacker can run arbitrary commands on the affected devices with high... Critical Unreviewed

CVE-2025-41656 was published Jul 1, 2025

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a... High Unreviewed

CVE-2024-8419 was published Jun 30, 2025

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated... Critical Unreviewed

CVE-2025-5310 was published Jun 27, 2025

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G... Critical Unreviewed

CVE-2025-3699 was published Jun 27, 2025

Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure... High Unreviewed

CVE-2025-6678 was published Jun 26, 2025

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2... High Unreviewed

CVE-2025-32978 was published Jun 26, 2025

Previous 1…3…47 Next

Previous 1 2 3 4 5 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,158 advisories