Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,178 advisories

Loading
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10213 was published Sep 10, 2025
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27... High Unreviewed
CVE-2025-40979 was published Sep 10, 2025
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10214 was published Sep 10, 2025
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10215 was published Sep 10, 2025
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-10049 was published Sep 10, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2025-7049 was published Sep 10, 2025
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path... High Unreviewed
CVE-2025-41714 was published Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby... High Unreviewed
CVE-2025-36759 was published Sep 10, 2025
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10040 was published Sep 10, 2025
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10001 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-54258 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by an Integer Overflow or... High Unreviewed
CVE-2025-54259 was published Sep 10, 2025
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing... High Unreviewed
CVE-2025-10172 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by an out-of-bounds read... High Unreviewed
CVE-2025-54260 was published Sep 10, 2025
Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0... High Unreviewed
CVE-2025-49459 was published Sep 10, 2025
A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the... High Unreviewed
CVE-2025-10171 was published Sep 10, 2025
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-54244 was published Sep 9, 2025
Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-54245 was published Sep 9, 2025
Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a... High Unreviewed
CVE-2025-54257 was published Sep 9, 2025
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a... High Unreviewed
CVE-2025-23342 was published Sep 9, 2025
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the... High Unreviewed
CVE-2025-23344 was published Sep 9, 2025
OS Command ('OS Command Injection') vulnerability in Calix GigaCenter ONT (Quantenna SoC modules)... High Unreviewed
CVE-2025-54084 was published Sep 9, 2025
Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue... High Unreviewed
CVE-2025-7635 was published Sep 9, 2025
A weakness has been identified in UTT 1200GW up to 3.0.0-170831. Affected by this issue is some... High Unreviewed
CVE-2025-10169 was published Sep 9, 2025
Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-54243 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database