GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,904
Erlang: 38
GitHub Actions: 38
Go: 2,566
Maven: 5,000+
npm: 4,237
NuGet: 753
pip: 4,001
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,705 advisories
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network...
Critical | Unreviewed | CVE-2025-6949 was published Oct 17, 2025

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-11900 was published Oct 17, 2025

A Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security...
Critical | Unreviewed | CVE-2025-6950 was published Oct 17, 2025

Agentflow developed by Flowring has a Use of Hard-coded Cryptographic Key vulnerability,...
Critical | Unreviewed | CVE-2025-11899 was published Oct 17, 2025

An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network...
Critical | Unreviewed | CVE-2025-6893 was published Oct 17, 2025

SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content...
Critical | Unreviewed | CVE-2025-46101 was published Jun 23, 2025

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration...
Critical | Unreviewed | CVE-2025-54253 was published Aug 5, 2025

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of...
Critical | Unreviewed | CVE-2025-11492 was published Oct 16, 2025

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2025-61882 was published Oct 5, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2025-11005 was published Sep 25, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary...
Critical | Unreviewed | CVE-2025-34515 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials...
Critical | Unreviewed | CVE-2025-34516 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection...
Critical | Unreviewed | CVE-2025-34513 was published Oct 16, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and...
Critical | Unreviewed | CVE-2025-34196 was published Sep 29, 2025

Due to an insufficient access control implementation in multiple WSO2 Products, authentication...
Critical | Unreviewed | CVE-2025-10611 was published Oct 16, 2025

An improper privilege management vulnerability exists in WSO2 API Manager due to missing...
Critical | Unreviewed | CVE-2025-9152 was published Oct 16, 2025

An improper access control vulnerability exists in multiple WSO2 products due to insufficient...
Critical | Unreviewed | CVE-2025-9804 was published Oct 16, 2025

Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab...
Critical | Unreviewed | CVE-2025-62583 was published Oct 16, 2025

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated...
Critical | Unreviewed | CVE-2025-9242 was published Sep 17, 2025

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which...
Critical | Unreviewed | CVE-2025-6338 was published Oct 16, 2025

SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41018 was published Oct 16, 2025

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41019 was published Oct 16, 2025

The Truelysell Core plugin for WordPress is vulnerable to Arbitrary User Password Change in...
Critical | Unreviewed | CVE-2025-10742 was published Oct 16, 2025

The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up...
Critical | Unreviewed | CVE-2025-10850 was published Oct 16, 2025

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath...
Critical | Unreviewed | CVE-2025-49794 was published Jun 16, 2025
ProTip! Advisories are also available from the GraphQL API.