Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,881 advisories

Loading
A buffer overflow vulnerability has been reported to affect several QNAP operating system... Low Unreviewed
CVE-2025-30265 was published Aug 29, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote... Low Unreviewed
CVE-2024-12923 was published Aug 29, 2025
Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in... Low Unreviewed
CVE-2025-9071 was published Aug 29, 2025
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS... Low Unreviewed
CVE-2025-43255 was published Aug 29, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app... Low Unreviewed
CVE-2024-44271 was published Aug 29, 2025
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious... Low Unreviewed
CVE-2025-48979 was published Aug 29, 2025
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown... Low Unreviewed
CVE-2025-9589 was published Aug 29, 2025
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an... Low Unreviewed
CVE-2025-9577 was published Aug 28, 2025
A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown... Low Unreviewed
CVE-2025-9576 was published Aug 28, 2025
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is... Low Unreviewed
CVE-2025-51643 was published Aug 28, 2025
Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows ... Low Unreviewed
CVE-2025-35112 was published Aug 27, 2025
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function... Low Unreviewed
CVE-2025-9474 was published Aug 26, 2025
On affected platforms running Arista EOS, the global common encryption key configuration may be... Low Unreviewed
CVE-2025-3456 was published Aug 26, 2025
A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This... Low Unreviewed
CVE-2025-9383 was published Aug 24, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout,... Low Unreviewed
CVE-2025-54812 was published Aug 22, 2025
DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via... Low Unreviewed
CVE-2025-55455 was published Aug 22, 2025
An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to... Low Unreviewed
CVE-2025-55523 was published Aug 21, 2025
A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file ... Low Unreviewed
CVE-2025-9309 was published Aug 21, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0... Low Unreviewed
CVE-2025-2988 was published Aug 19, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request... Low Unreviewed
CVE-2025-54234 was published Aug 18, 2025
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing... Low Unreviewed
CVE-2024-49827 was published Aug 18, 2025
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is... Low Unreviewed
CVE-2025-9091 was published Aug 17, 2025
A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this... Low Unreviewed
CVE-2017-20199 was published Aug 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database