Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,583 advisories

Loading
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an... Low Unreviewed
CVE-2025-42909 was published Oct 14, 2025
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured... Low Unreviewed
CVE-2025-58084 was published Oct 13, 2025
tracexec has `env` command argument injection via environment variables starting with dash in traced exec events Low
GHSA-6fgx-x7m2-74qm was published for tracexec (Rust) Oct 13, 2025
kxxt
Credited to kxxt
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited... Low Unreviewed
CVE-2025-27259 was published Oct 13, 2025
HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to... Low Unreviewed
CVE-2025-31995 was published Oct 13, 2025
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown... Low Unreviewed
CVE-2025-11647 was published Oct 13, 2025
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Low Unreviewed
CVE-2025-11650 was published Oct 13, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android.... Low Unreviewed
CVE-2025-11645 was published Oct 12, 2025
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown... Low Unreviewed
CVE-2025-11641 was published Oct 12, 2025
A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function... Low Unreviewed
CVE-2025-11640 was published Oct 12, 2025
A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown... Low Unreviewed
CVE-2025-11634 was published Oct 12, 2025
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an... Low Unreviewed
CVE-2025-2138 was published Oct 12, 2025
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an... Low Unreviewed
CVE-2025-2139 was published Oct 12, 2025
HCL Unica Platform is impacted by misconfigured security related HTTP headers. This can lead to... Low Unreviewed
CVE-2025-52615 was published Oct 12, 2025
HCL Unica Platform is affected by a Cookie without HTTPOnly Flag Set vulnerability. A malicious... Low Unreviewed
CVE-2025-52614 was published Oct 12, 2025
HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes... Low Unreviewed
CVE-2025-31998 was published Oct 12, 2025
HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery ... Low Unreviewed
CVE-2025-31993 was published Oct 12, 2025
The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to Cross-Site Request... Low Unreviewed
CVE-2025-8606 was published Oct 11, 2025
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this... Low Unreviewed
CVE-2025-58286 was published Oct 11, 2025
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this... Low Unreviewed
CVE-2025-58290 was published Oct 11, 2025
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this... Low Unreviewed
CVE-2025-58291 was published Oct 11, 2025
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this... Low Unreviewed
CVE-2025-58292 was published Oct 11, 2025
Permission control vulnerability in the camera module. Successful exploitation of this... Low Unreviewed
CVE-2025-58282 was published Oct 11, 2025
Sinatra is vulnerable to ReDoS through ETag header value generation Low
CVE-2025-61921 was published for sinatra (RubyGems) Oct 10, 2025
dentarg
Credited to dentarg
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database