GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,275
Composer 4,908
Erlang 39
GitHub Actions 38
Go 2,568
Maven 6,036
npm 4,240
NuGet 754
pip 4,004
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,790

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,405 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to... High Unreviewed

CVE-2025-62356 was published Oct 17, 2025

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-11898 was published Oct 17, 2025

An Incorrect Authorization vulnerability has been identified in Moxa’s network security... High Unreviewed

CVE-2025-6892 was published Oct 17, 2025

An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05... High Unreviewed

CVE-2025-61553 was published Oct 16, 2025

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. High Unreviewed

CVE-2025-60358 was published Oct 16, 2025

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from... High Unreviewed

CVE-2025-11493 was published Oct 16, 2025

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password.... High Unreviewed

CVE-2025-62586 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection... High Unreviewed

CVE-2025-34514 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed

CVE-2025-34517 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed

CVE-2025-34518 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm... High Unreviewed

CVE-2025-34519 was published Oct 16, 2025

IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by... High Unreviewed

CVE-2025-36128 was published Oct 16, 2025

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string... High Unreviewed

CVE-2025-62496 was published Oct 16, 2025

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when... High Unreviewed

CVE-2025-62491 was published Oct 16, 2025

In quickjs, in js_print_object, when printing an array, the function first fetches the array... High Unreviewed

CVE-2025-62490 was published Oct 16, 2025

A type confusion vulnerability exists in the handling of the string addition (+) operation within... High Unreviewed

CVE-2025-62494 was published Oct 16, 2025

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due... High Unreviewed

CVE-2025-62495 was published Oct 16, 2025

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the... High Unreviewed

CVE-2025-61536 was published Oct 16, 2025

Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality,... High Unreviewed

CVE-2025-22381 was published Oct 16, 2025

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality ... High Unreviewed

CVE-2025-61541 was published Oct 16, 2025

A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4... High Unreviewed

CVE-2025-61543 was published Oct 16, 2025

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... High Unreviewed

CVE-2025-54658 was published Oct 16, 2025

Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This... High Unreviewed

CVE-2025-41020 was published Oct 16, 2025

The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a... High Unreviewed

CVE-2025-10706 was published Oct 16, 2025

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual... High Unreviewed

CVE-2025-62584 was published Oct 16, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,405 advisories