GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,821
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,121
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,970

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,445 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34159 was published Aug 27, 2025

Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure... Critical Unreviewed

CVE-2025-43728 was published Aug 27, 2025

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute... Critical Unreviewed

CVE-2025-50972 was published Aug 27, 2025

In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command... Critical Unreviewed

CVE-2025-30057 was published Aug 27, 2025

The RunCommand function accepts any parameter, which is then passed for execution in the shell.... Critical Unreviewed

CVE-2025-30056 was published Aug 27, 2025

The configuration file containing database logins and passwords is readable by any local user. Critical Unreviewed

CVE-2025-30063 was published Aug 27, 2025

The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is... Critical Unreviewed

CVE-2025-30055 was published Aug 27, 2025

In the Print.pl service, the "uhcPrintServerPrint" function allows execution of arbitrary code... Critical Unreviewed

CVE-2025-2313 was published Aug 27, 2025

Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows... Critical Unreviewed

CVE-2025-30039 was published Aug 27, 2025

The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat... Critical Unreviewed

CVE-2025-30041 was published Aug 27, 2025

The vulnerability allows unauthenticated users to download a file containing session ID data by... Critical Unreviewed

CVE-2025-30040 was published Aug 27, 2025

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An... Critical Unreviewed

CVE-2025-35115 was published Aug 27, 2025

In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a... Critical Unreviewed

CVE-2025-22408 was published Aug 27, 2025

In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed

CVE-2025-22403 was published Aug 27, 2025

In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed

CVE-2025-0074 was published Aug 27, 2025

In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary... Critical Unreviewed

CVE-2025-0075 was published Aug 27, 2025

Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT... Critical Unreviewed

CVE-2025-55443 was published Aug 26, 2025

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to... Critical Unreviewed

CVE-2024-39335 was published Aug 26, 2025

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4... Critical Unreviewed

CVE-2025-25734 was published Aug 26, 2025

n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the... Critical Unreviewed

CVE-2025-55526 was published Aug 26, 2025

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were... Critical Unreviewed

CVE-2025-25736 was published Aug 26, 2025

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4... Critical Unreviewed

CVE-2025-25737 was published Aug 26, 2025

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in... Critical Unreviewed

CVE-2025-7775 was published Aug 26, 2025

The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An... Critical Unreviewed

CVE-2025-41702 was published Aug 26, 2025

SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers to gain sensitive... Critical Unreviewed

CVE-2025-55575 was published Aug 26, 2025

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,445 advisories