GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,146 advisories
An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0...
Critical
Unreviewed
CVE-2025-59718
was published
Dec 9, 2025
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0,...
Critical
Unreviewed
CVE-2025-59719
was published
Dec 9, 2025
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard)...
Critical
Unreviewed
CVE-2025-34414
was published
Dec 9, 2025
Under certain conditions, a high privileged user could exploit a deserialization vulnerability in...
Critical
Unreviewed
CVE-2025-42928
was published
Dec 9, 2025
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert...
Critical
Unreviewed
CVE-2025-42880
was published
Dec 9, 2025
A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX...
Critical
Unreviewed
CVE-2025-40800
was published
Dec 9, 2025
A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), JT...
Critical
Unreviewed
CVE-2025-40801
was published
Dec 9, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected...
Critical
Unreviewed
CVE-2025-40938
was published
Dec 9, 2025
An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode...
Critical
Unreviewed
CVE-2025-14307
was published
Dec 9, 2025
An integer overflow vulnerability exists in the write method of the Buffer class in Robocode...
Critical
Unreviewed
CVE-2025-14308
was published
Dec 9, 2025
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb...
Critical
Unreviewed
CVE-2025-14310
was published
Dec 9, 2025
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9...
Critical
Unreviewed
CVE-2025-14306
was published
Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-12504
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site...
Critical
Unreviewed
CVE-2025-11022
was published
Dec 9, 2025
Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote...
Critical
Unreviewed
CVE-2025-10573
was published
Dec 9, 2025
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting...
Critical
Unreviewed
CVE-2025-64081
was published
Dec 8, 2025
In multiple locations, there is a possible way to launch an application from the background due...
Critical
Unreviewed
CVE-2025-48626
was published
Dec 8, 2025
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to...
Critical
Unreviewed
CVE-2025-27020
was published
Dec 8, 2025
Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize...
Critical
Unreviewed
CVE-2025-27019
was published
Dec 8, 2025
The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress...
Critical
Unreviewed
CVE-2025-13377
was published
Dec 6, 2025
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2025-12673
was published
Dec 6, 2025
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account...
Critical
Unreviewed
CVE-2025-34291
was published
Dec 6, 2025
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a hard-coded cryptographic key...
Critical
Unreviewed
CVE-2025-34256
was published
Dec 5, 2025
ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution...
Critical
Unreviewed
CVE-2020-36877
was published
Dec 5, 2025
The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login ...
Critical
Unreviewed
CVE-2025-12374
was published
Dec 5, 2025
ProTip! Advisories are also available from the GraphQL API