Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,489
Maven
5,000+
npm
4,106
NuGet
735
pip
3,928
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,068 advisories

Loading
Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could... High Unreviewed
CVE-2023-32701 was published Nov 14, 2023
A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules,... High Unreviewed
CVE-2025-8007 was published Sep 9, 2025
A security issue affecting multiple Cisco devices also directly impacts Stratix® 5410, 5700, and... High Unreviewed
CVE-2025-7350 was published Sep 9, 2025
A code execution security issue exists in the affected product. An attacker with physical access... High Unreviewed
CVE-2025-9160 was published Sep 9, 2025
A security issue exists within FactoryTalk Activation Manager. An error in the implementation of... High Unreviewed
CVE-2025-7970 was published Sep 9, 2025
An open database issue exists in the affected product and version. The security issue stems from... High Unreviewed
CVE-2025-9364 was published Sep 9, 2025
A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization.... High Unreviewed
CVE-2025-9161 was published Sep 9, 2025
A server-side request forgery security issue exists within Rockwell Automation ThinManager®... High Unreviewed
CVE-2025-9065 was published Sep 9, 2025
A security issue exists in the protected mode of EN4TR devices, where sending specifically... High Unreviewed
CVE-2025-8008 was published Sep 9, 2025
A denial-of-service security issue exists in the affected product and version. The security issue... High Unreviewed
CVE-2025-9166 was published Sep 9, 2025
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where... High Unreviewed
CVE-2025-33045 was published Sep 9, 2025
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local... High Unreviewed
CVE-2025-49156 was published Jun 17, 2025
An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows... High Unreviewed
CVE-2025-34520 was published Aug 28, 2025
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a... High Unreviewed
CVE-2025-49157 was published Jun 17, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed
CVE-2025-9539 was published Sep 9, 2025
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a... High Unreviewed
CVE-2025-41701 was published Sep 9, 2025
Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0... High Unreviewed
CVE-2025-59018 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40796 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40797 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40798 was published Sep 9, 2025
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the... High Unreviewed
CVE-2025-10120 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42916 was published Sep 9, 2025
When a user logs in via SAP Business One native client, the SLD backend service fails to enforce... High Unreviewed
CVE-2025-42933 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42929 was published Sep 9, 2025
The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to... High Unreviewed
CVE-2025-8085 was published Sep 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database