GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,933
Erlang: 39
GitHub Actions: 38
Go: 2,595
Maven: 5,000+
npm: 4,247
NuGet: 754
pip: 4,013
Pub: 12
RubyGems: 953
Rust: 1,048
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
27,226 advisories

Outdated and Vulnerable UI Dependencies might potentially lead to exploitation. This issue affects...
Critical | Unreviewed | CVE-2025-12104 was published Oct 23, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the...
Critical | Unreviewed | CVE-2025-47699 was published Oct 23, 2025

Deserialization of Untrusted Data vulnerability in AncoraThemes BugsPatrol bugspatrol allows...
Critical | Unreviewed | CVE-2025-60225 was published Oct 22, 2025

Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows...
Critical | Unreviewed | CVE-2025-60214 was published Oct 22, 2025

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on...
Critical | Unreviewed | CVE-2025-57870 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Critical | Unreviewed | CVE-2025-52741 was published Oct 22, 2025

AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection...
Critical | Unreviewed | CVE-2016-15048 was published Oct 22, 2025

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
Critical | Unreviewed | CVE-2025-56447 was published Oct 22, 2025

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an...
Critical | Unreviewed | CVE-2025-41108 was published Oct 22, 2025

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated...
Critical | Unreviewed | CVE-2025-41723 was published Oct 22, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
Critical | Unreviewed | CVE-2025-62481 was published Oct 21, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
Critical | Unreviewed | CVE-2025-53072 was published Oct 21, 2025

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST...
Critical | Unreviewed | CVE-2025-61757 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
Critical | Unreviewed | CVE-2025-53037 was published Oct 21, 2025

NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Critical | CVE-2025-54469 was published for github.com/neuvector/neuvector (Go) Oct 21, 2025

The affected Raisecom devices allow SSH sessions to be established without completing user...
Critical | Unreviewed | CVE-2025-11534 was published Oct 21, 2025

Improper authentication in the web-based management interface of NETLINK HG322G V1.0.00-231017,...
Critical | Unreviewed | CVE-2025-60772 was published Oct 21, 2025

Cosmos EVM Vulnerability
Critical | GHSA-8pfh-j44r-f654 was published for github.com/cosmos/evm (Go) Oct 21, 2025

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that...
Critical | Unreviewed | CVE-2025-11625 was published Oct 21, 2025

Zohocorp ManageEngine ADManager Plus versions before 8024 are vulnerable to authenticated command...
Critical | Unreviewed | CVE-2025-10020 was published Oct 21, 2025

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit...
Critical | Unreviewed | CVE-2025-10640 was published Oct 21, 2025

Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation...
Critical | Unreviewed | CVE-2025-12004 was published Oct 21, 2025

The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to...
Critical | Unreviewed | CVE-2025-10916 was published Oct 21, 2025

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker.
Critical | Unreviewed | CVE-2025-6542 was published Oct 21, 2025

A command injection vulnerability may be exploited after the admin's authentication on the web...
Critical | Unreviewed | CVE-2025-7850 was published Oct 21, 2025