GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,904
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,711
Maven 6,141
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,899

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278,899 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users... Moderate Unreviewed

CVE-2025-66200 was published Dec 5, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed

CVE-2025-1913 was published Mar 26, 2025

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.... Critical Unreviewed

CVE-2023-49666 was published Jan 4, 2024

Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on... High Unreviewed

CVE-2025-64057 was published Dec 5, 2025

When reading an HTTP response from a server, if no read amount is specified, the default behavior... Moderate Unreviewed

CVE-2025-13836 was published Dec 1, 2025

Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but... High Unreviewed

CVE-2025-58098 was published Dec 5, 2025

Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command... High Unreviewed

CVE-2020-36882 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34265 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34264 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34263 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34259 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a hard-coded cryptographic key... Critical Unreviewed

CVE-2025-34256 was published Dec 5, 2025

File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local... Unknown Unreviewed

CVE-2025-64056 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34266 was published Dec 5, 2025

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local... Unknown Unreviewed

CVE-2025-64052 was published Dec 5, 2025

A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function... Moderate Unreviewed

CVE-2025-14089 was published Dec 5, 2025

A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an... Moderate Unreviewed

CVE-2025-14090 was published Dec 5, 2025

A weakness has been identified in TrippWasTaken PHP-Guitar-Shop up to... Moderate Unreviewed

CVE-2025-14091 was published Dec 5, 2025

A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the... Moderate Unreviewed

CVE-2025-14092 was published Dec 5, 2025

Authentication Bypass via Hardcoded Credentials GoAway up to v0.62.18, fixed in 0.62.19, uses a... Unknown Unreviewed

CVE-2025-65730 was published Dec 5, 2025

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing... Moderate Unreviewed

CVE-2025-14104 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34261 was published Dec 5, 2025

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution... Critical Unreviewed

CVE-2020-36877 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34262 was published Dec 5, 2025

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability... High Unreviewed

CVE-2020-36878 was published Dec 5, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

278,899 advisories