GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,261
Composer 4,904
Erlang 38
GitHub Actions 38
Go 2,566
Maven 6,033
npm 4,237
NuGet 753
pip 4,001
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,775

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,400 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-11898 was published Oct 17, 2025

An Incorrect Authorization vulnerability has been identified in Moxa’s network security... High Unreviewed

CVE-2025-6892 was published Oct 17, 2025

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality ... High Unreviewed

CVE-2025-61541 was published Oct 16, 2025

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask... High Unreviewed

CVE-2024-57917 was published Jan 19, 2025

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call... High Unreviewed

CVE-2024-57904 was published Jan 19, 2025

A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4... High Unreviewed

CVE-2025-61543 was published Oct 16, 2025

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from... High Unreviewed

CVE-2025-11493 was published Oct 16, 2025

Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality,... High Unreviewed

CVE-2025-22381 was published Oct 16, 2025

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the... High Unreviewed

CVE-2025-61536 was published Oct 16, 2025

In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger:... High Unreviewed

CVE-2024-57792 was published Jan 11, 2025

IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by... High Unreviewed

CVE-2025-36128 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection... High Unreviewed

CVE-2025-34514 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed

CVE-2025-34517 was published Oct 16, 2025

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string... High Unreviewed

CVE-2025-62496 was published Oct 16, 2025

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when... High Unreviewed

CVE-2025-62491 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed

CVE-2025-34518 was published Oct 16, 2025

A type confusion vulnerability exists in the handling of the string addition (+) operation within... High Unreviewed

CVE-2025-62494 was published Oct 16, 2025

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due... High Unreviewed

CVE-2025-62495 was published Oct 16, 2025

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password.... High Unreviewed

CVE-2025-62586 was published Oct 16, 2025

In quickjs, in js_print_object, when printing an array, the function first fetches the array... High Unreviewed

CVE-2025-62490 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm... High Unreviewed

CVE-2025-34519 was published Oct 16, 2025

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed

CVE-2025-61884 was published Oct 12, 2025

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value... High Unreviewed

CVE-2024-57791 was published Jan 11, 2025

Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a... High Unreviewed

CVE-2025-62585 was published Oct 16, 2025

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual... High Unreviewed

CVE-2025-62584 was published Oct 16, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,400 advisories