Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

356 advisories

Loading
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18... Moderate Unreviewed
CVE-2025-12653 was published Nov 26, 2025
An attacker could take over a Looker account in a Looker instance configured with OIDC... Critical Unreviewed
CVE-2025-12414 was published Nov 20, 2025
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and... Low Unreviewed
CVE-2025-13015 was published Nov 11, 2025
Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker... High Unreviewed
CVE-2025-12430 was published Nov 10, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... High Unreviewed
CVE-2025-11209 was published Nov 7, 2025
An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is... High Unreviewed
CVE-2025-27916 was published Nov 6, 2025
Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin... Critical Unreviewed
CVE-2025-58595 was published Nov 6, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1,... Moderate Unreviewed
CVE-2025-43493 was published Nov 4, 2025
An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed
CVE-2025-43503 was published Nov 4, 2025
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized... Moderate Unreviewed
CVE-2025-59501 was published Oct 31, 2025
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On... High Unreviewed
CVE-2025-11843 was published Oct 31, 2025
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products... Moderate Unreviewed
CVE-2025-5605 was published Oct 24, 2025
Reolink desktop application 8.18.12 contains a vulnerability in its local authentication... Moderate Unreviewed
CVE-2025-56800 was published Oct 21, 2025
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to... High Unreviewed
CVE-2025-37147 was published Oct 14, 2025
A security vulnerability was identified in Obsidian Scheduler's REST API 5.0.0 thru 6.3.0. If an... High Unreviewed
CVE-2025-56449 was published Sep 29, 2025
This vulnerability affects Firefox < 143 and Thunderbird < 143. Moderate Unreviewed
CVE-2025-10530 was published Sep 16, 2025
Wi-SUN unexpected 4- Way Handshake packet receptions may lead to predictable keys and potentially... High Unreviewed
CVE-2025-7448 was published Sep 12, 2025
One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to... Moderate Unreviewed
CVE-2025-56689 was published Sep 8, 2025
In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic... Low Unreviewed
CVE-2025-26419 was published Sep 4, 2025
In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a... Low Unreviewed
CVE-2025-26428 was published Sep 4, 2025
In multiple locations, there is a possible lock screen bypass due to a logic error in the code.... Moderate Unreviewed
CVE-2025-26421 was published Sep 4, 2025
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest... Moderate Unreviewed
CVE-2025-56608 was published Sep 3, 2025
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503... High Unreviewed
CVE-2025-6188 was published Aug 26, 2025
Official Document Management System developed by 2100 Technology has an Authentication Bypass... Critical Unreviewed
CVE-2025-8853 was published Aug 11, 2025
IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges... High Unreviewed
CVE-2025-36119 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database