GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,378

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,910 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-11202 was published Oct 29, 2025

Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation.This issue affects BLU... Critical Unreviewed

CVE-2025-12479 was published Oct 29, 2025

Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12476 was published Oct 29, 2025

Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12477 was published Oct 29, 2025

Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19... Critical Unreviewed

CVE-2025-12478 was published Oct 29, 2025

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some... Critical Unreviewed

CVE-2025-63622 was published Oct 29, 2025

A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1... Critical Unreviewed

CVE-2024-45162 was published Oct 29, 2025

WordPress plugin Contact Form CFDB7 versions up to and including 1.3.2 are affected by a pre... Critical Unreviewed

CVE-2025-4665 was published Oct 29, 2025

An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public... Critical Unreviewed

CVE-2025-61235 was published Oct 28, 2025

Protocol manipulation might lead to denial of service.This issue affects BLU-IC2: through 1.19.5;... Critical Unreviewed

CVE-2025-12423 was published Oct 28, 2025

Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4:... Critical Unreviewed

CVE-2025-12424 was published Oct 28, 2025

Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . Critical Unreviewed

CVE-2025-12425 was published Oct 28, 2025

zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via... Critical Unreviewed

CVE-2025-60355 was published Oct 28, 2025

Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on... Critical Unreviewed

CVE-2025-12422 was published Oct 28, 2025

IBM Maximo Application Suite 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 could allow a remote... Critical Unreviewed

CVE-2025-36386 was published Oct 28, 2025

An out-of-bounds read vulnerability has been discovered in Monkey's Audio 11.31, specifically in... Critical Unreviewed

CVE-2025-61043 was published Oct 28, 2025

Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware... Critical Unreviewed

CVE-2025-61128 was published Oct 28, 2025

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after... Critical Unreviewed

CVE-2025-12380 was published Oct 28, 2025

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials... Critical Unreviewed

CVE-2025-9313 was published Oct 28, 2025

Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12364 was published Oct 27, 2025

Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12363 was published Oct 27, 2025

TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload... Critical Unreviewed

CVE-2025-27224 was published Oct 27, 2025

Rox, the software running BeWelcome, contains a PHP object injection vulnerability resulting from... Critical Unreviewed

CVE-2025-34292 was published Oct 27, 2025

An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-61481 was published Oct 27, 2025

An issue was discovered in eTimeTrackLite Web thru 12.0 (20250704). There is a permission control... Critical Unreviewed

CVE-2025-60291 was published Oct 27, 2025

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,910 advisories