Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

112,524 advisories

Loading
Insecure deserialization in Ivanti Endpoint Manager allows a local authenticated attacker to... High Unreviewed
CVE-2025-11622 was published Oct 13, 2025
Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve... High Unreviewed
CVE-2025-9713 was published Oct 13, 2025
Omni vulnerable to information leak via API High
CVE-2025-61688 was published for github.com/siderolabs/omni (Go) Oct 13, 2025
MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string High
CVE-2025-11695 was published for mongodb (Rust) Oct 13, 2025
llama-index has Insecure Temporary File High
CVE-2025-7707 was published for llama-index (pip) Oct 13, 2025
Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import... High Unreviewed
CVE-2025-9902 was published Oct 13, 2025
Ash Framework: Filter authorization misapplies impossible bypass/runtime policies High
CVE-2025-48043 was published for ash (Erlang) Oct 13, 2025
maennchen zachdaniel
Credited to maennchen and zachdaniel
Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing... High Unreviewed
CVE-2025-11675 was published Oct 13, 2025
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged... High Unreviewed
CVE-2025-11673 was published Oct 13, 2025
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed
CVE-2025-9968 was published Oct 13, 2025
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the... High Unreviewed
CVE-2025-11666 was published Oct 13, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Specification Management in ENOVIA... High Unreviewed
CVE-2025-10556 was published Oct 13, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release... High Unreviewed
CVE-2025-10552 was published Oct 13, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA... High Unreviewed
CVE-2025-10557 was published Oct 13, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release... High Unreviewed
CVE-2025-10558 was published Oct 13, 2025
EMCLI contains a high severity vulnerability where improper neutralization of special elements... High Unreviewed
CVE-2025-0636 was published Oct 13, 2025
Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious... High Unreviewed
CVE-2025-8915 was published Oct 13, 2025
A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some... High Unreviewed
CVE-2025-11652 was published Oct 13, 2025
A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of... High Unreviewed
CVE-2025-11653 was published Oct 13, 2025
IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10... High Unreviewed
CVE-2025-36087 was published Oct 13, 2025
A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability... High Unreviewed
CVE-2025-11651 was published Oct 13, 2025
A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown... High Unreviewed
CVE-2025-11649 was published Oct 13, 2025
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed
CVE-2025-61884 was published Oct 12, 2025
The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to authorization bypass... High Unreviewed
CVE-2025-8593 was published Oct 11, 2025
Data processing error vulnerability in the package management module. Successful exploitation of... High Unreviewed
CVE-2025-58298 was published Oct 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database