GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,717
Maven: 5,000+
npm: 4,328
NuGet: 761
pip: 4,105
Pub: 12
RubyGems: 958
Rust: 1,065
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,127 advisories
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR...
Critical
Unreviewed
CVE-2018-25126
was published
Nov 24, 2025
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi...
Critical
Unreviewed
CVE-2023-7330
was published
Nov 24, 2025
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (...
Critical
Unreviewed
CVE-2025-63958
was published
Nov 24, 2025
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs...
Critical
Unreviewed
CVE-2025-12977
was published
Nov 24, 2025
iStats contains an insecure XPC service that allows local, unprivileged users to escalate their...
Critical
Unreviewed
CVE-2025-11921
was published
Nov 24, 2025
The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9...
Critical
Unreviewed
CVE-2025-11127
was published
Nov 21, 2025
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2025-11456
was published
Nov 21, 2025
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict...
Critical
Unreviewed
CVE-2025-64310
was published
Nov 21, 2025
Azure Bastion Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-49752
was published
Nov 21, 2025
Microsoft SharePoint Online Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-59245
was published
Nov 21, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability...
Critical
Unreviewed
CVE-2025-10571
was published
Nov 20, 2025
BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly...
Critical
Unreviewed
CVE-2025-34320
was published
Nov 20, 2025
An attacker could take over a Looker account in a Looker instance configured with OIDC...
Critical
Unreviewed
CVE-2025-12414
was published
Nov 20, 2025
The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code...
Critical
Unreviewed
CVE-2025-63213
was published
Nov 19, 2025
An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface,...
Critical
Unreviewed
CVE-2025-63206
was published
Nov 19, 2025
The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to...
Critical
Unreviewed
CVE-2025-63207
was published
Nov 19, 2025
The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is...
Critical
Unreviewed
CVE-2025-63210
was published
Nov 19, 2025
Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An...
Critical
Unreviewed
CVE-2025-13315
was published
Nov 19, 2025
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23...
Critical
Unreviewed
CVE-2025-34328
was published
Nov 19, 2025
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23...
Critical
Unreviewed
CVE-2025-34329
was published
Nov 19, 2025
The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper...
Critical
Unreviewed
CVE-2025-63224
was published
Nov 19, 2025
The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable...
Critical
Unreviewed
CVE-2025-63223
was published
Nov 19, 2025
Legacy Vivotek Device firmware uses default credentials for the root and user login accounts.
Critical
Unreviewed
CVE-2025-12592
was published
Nov 19, 2025
The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable...
Critical
Unreviewed
CVE-2025-63218
was published
Nov 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-10437
was published
Nov 19, 2025
ProTip! Advisories are also available from the GraphQL API.