Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,320 advisories

Loading
OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password.... High Unreviewed
CVE-2025-62586 was published Oct 16, 2025
An improper privilege management vulnerability exists in WSO2 API Manager due to missing... Critical Unreviewed
CVE-2025-9152 was published Oct 16, 2025
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can... Moderate Unreviewed
CVE-2025-0275 was published Oct 16, 2025
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control.... Moderate Unreviewed
CVE-2025-0274 was published Oct 16, 2025
The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and... Moderate Unreviewed
CVE-2025-11728 was published Oct 15, 2025
NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. A successful exploit of... High Unreviewed
CVE-2025-23356 was published Oct 14, 2025
Multiple Broken Authentication security issues exist in the affected product. The security issues... Critical Unreviewed
CVE-2025-7328 was published Oct 14, 2025
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <... Critical Unreviewed
CVE-2025-40771 was published Oct 14, 2025
A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 <... Critical Unreviewed
CVE-2025-40765 was published Oct 14, 2025
An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the... High Unreviewed
CVE-2025-41703 was published Oct 14, 2025
Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication... Moderate Unreviewed
CVE-2025-11672 was published Oct 13, 2025
Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication... Moderate Unreviewed
CVE-2025-11671 was published Oct 13, 2025
A vulnerability was found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11661 was published Oct 13, 2025
Azure Entra ID Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-59246 was published Oct 9, 2025
Newforma Info Exchange (NIX) accepts serialized .NET data via the '/remoteweb/remote.rem'... Critical Unreviewed
CVE-2025-35050 was published Oct 9, 2025
Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem'... High Unreviewed
CVE-2025-35051 was published Oct 9, 2025
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security... High Unreviewed
CVE-2025-11198 was published Oct 9, 2025
Better Auth: Unauthenticated API key creation through api-key plugin Critical
CVE-2025-61928 was published for better-auth (npm) Oct 9, 2025
etiennelunetta
Credited to etiennelunetta
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for... Moderate Unreviewed
CVE-2025-11171 was published Oct 8, 2025
A potential security vulnerability has been identified in HP Sure Start’s protection of the Intel... High Unreviewed
CVE-2023-6215 was published Oct 7, 2025
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all... Moderate Unreviewed
CVE-2025-10746 was published Oct 4, 2025
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an... High Unreviewed
CVE-2025-23293 was published Sep 30, 2025
The attacker may obtain root access by connecting to the UART port and this vulnerability... High Unreviewed
CVE-2025-10991 was published Sep 30, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... High Unreviewed
CVE-2025-34228 was published Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed
CVE-2025-34229 was published Sep 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database