GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,275
Composer 4,908
Erlang 39
GitHub Actions 38
Go 2,568
Maven 6,036
npm 4,240
NuGet 754
pip 4,004
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,790

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,405 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who... High Unreviewed

CVE-2025-55234 was published Sep 9, 2025

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix mbss... High Unreviewed

CVE-2024-57899 was published Jan 15, 2025

A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to... High Unreviewed

CVE-2025-62356 was published Oct 17, 2025

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over... High Unreviewed

CVE-2025-53778 was published Aug 12, 2025

The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed

CVE-2021-24755 was published Nov 30, 2021

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue... High Unreviewed

CVE-2025-38561 was published Aug 19, 2025

An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05... High Unreviewed

CVE-2025-61553 was published Oct 16, 2025

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. High Unreviewed

CVE-2025-60358 was published Oct 16, 2025

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-11898 was published Oct 17, 2025

An Incorrect Authorization vulnerability has been identified in Moxa’s network security... High Unreviewed

CVE-2025-6892 was published Oct 17, 2025

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality ... High Unreviewed

CVE-2025-61541 was published Oct 16, 2025

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask... High Unreviewed

CVE-2024-57917 was published Jan 19, 2025

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call... High Unreviewed

CVE-2024-57904 was published Jan 19, 2025

A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4... High Unreviewed

CVE-2025-61543 was published Oct 16, 2025

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from... High Unreviewed

CVE-2025-11493 was published Oct 16, 2025

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the... High Unreviewed

CVE-2025-61536 was published Oct 16, 2025

Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality,... High Unreviewed

CVE-2025-22381 was published Oct 16, 2025

In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger:... High Unreviewed

CVE-2024-57792 was published Jan 11, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection... High Unreviewed

CVE-2025-34514 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed

CVE-2025-34517 was published Oct 16, 2025

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string... High Unreviewed

CVE-2025-62496 was published Oct 16, 2025

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when... High Unreviewed

CVE-2025-62491 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed

CVE-2025-34518 was published Oct 16, 2025

A type confusion vulnerability exists in the handling of the string addition (+) operation within... High Unreviewed

CVE-2025-62494 was published Oct 16, 2025

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due... High Unreviewed

CVE-2025-62495 was published Oct 16, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,405 advisories