GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,094 advisories
The Iskra iHUB and iHUB Lite smart metering gateway exposes its web management interface without...
Critical
Unreviewed
CVE-2025-13510
was published
Dec 2, 2025
The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions...
Critical
Unreviewed
CVE-2025-13542
was published
Dec 2, 2025
A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute...
Critical
Unreviewed
CVE-2025-13658
was published
Dec 2, 2025
Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows...
Critical
Unreviewed
CVE-2025-11778
was published
Dec 2, 2025
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan'...
Critical
Unreviewed
CVE-2025-11779
was published
Dec 2, 2025
Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an...
Critical
Unreviewed
CVE-2025-41742
was published
Dec 2, 2025
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged...
Critical
Unreviewed
CVE-2025-41744
was published
Dec 2, 2025
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the...
Critical
Unreviewed
CVE-2025-51682
was published
Dec 1, 2025
PublicCMS V5.202506.b is vulnerable to SSRF in the chat interface of SimpleAiAdminController.
Critical
Unreviewed
CVE-2025-65836
was published
Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php...
Critical
Unreviewed
CVE-2025-63535
was published
Dec 1, 2025
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when...
Critical
Unreviewed
CVE-2025-8351
was published
Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel...
Critical
Unreviewed
CVE-2025-63532
was published
Dec 1, 2025
Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows...
Critical
Unreviewed
CVE-2025-3500
was published
Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the...
Critical
Unreviewed
CVE-2025-63531
was published
Dec 1, 2025
An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to...
Critical
Unreviewed
CVE-2025-63525
was published
Dec 1, 2025
Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to...
Critical
Unreviewed
CVE-2025-12106
was published
Dec 1, 2025
By providing a command-line argument starting with a semi-colon ; to an API endpoint created by...
Critical
Unreviewed
CVE-2025-35028
was published
Dec 1, 2025
The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in...
Critical
Unreviewed
CVE-2025-13615
was published
Nov 30, 2025
UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to...
Critical
Unreviewed
CVE-2025-66385
was published
Nov 28, 2025
Permission control vulnerability in the memory management module. Impact: Successful exploitation...
Critical
Unreviewed
CVE-2025-64314
was published
Nov 28, 2025
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool...
Critical
Unreviewed
CVE-2025-8890
was published
Nov 27, 2025
The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the...
Critical
Unreviewed
CVE-2025-12140
was published
Nov 27, 2025
The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all...
Critical
Unreviewed
CVE-2025-13539
was published
Nov 27, 2025
The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up...
Critical
Unreviewed
CVE-2025-13538
was published
Nov 27, 2025
The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions...
Critical
Unreviewed
CVE-2025-13540
was published
Nov 27, 2025
ProTip! Advisories are also available from the GraphQL API.