Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,111
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,205 advisories

Loading
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This... High Unreviewed
CVE-2025-56407 was published Sep 10, 2025
An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized... High Unreviewed
CVE-2025-56405 was published Sep 10, 2025
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to... High Unreviewed
CVE-2025-56413 was published Sep 10, 2025
An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to gain sensitive information or... High Unreviewed
CVE-2025-56406 was published Sep 10, 2025
The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2025-7718 was published Sep 10, 2025
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that,... High Unreviewed
CVE-2025-10231 was published Sep 10, 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL... High Unreviewed
CVE-2025-10225 was published Sep 10, 2025
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via... High Unreviewed
CVE-2025-56404 was published Sep 10, 2025
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10213 was published Sep 10, 2025
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27... High Unreviewed
CVE-2025-40979 was published Sep 10, 2025
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10214 was published Sep 10, 2025
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0... High Unreviewed
CVE-2025-10215 was published Sep 10, 2025
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path... High Unreviewed
CVE-2025-41714 was published Sep 10, 2025
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-10049 was published Sep 10, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2025-7049 was published Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby... High Unreviewed
CVE-2025-36759 was published Sep 10, 2025
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10001 was published Sep 10, 2025
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10040 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-54258 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by an Integer Overflow or... High Unreviewed
CVE-2025-54259 was published Sep 10, 2025
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing... High Unreviewed
CVE-2025-10172 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by an out-of-bounds read... High Unreviewed
CVE-2025-54260 was published Sep 10, 2025
Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0... High Unreviewed
CVE-2025-49459 was published Sep 10, 2025
A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the... High Unreviewed
CVE-2025-10171 was published Sep 10, 2025
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-54244 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database