Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

142,636 advisories

Loading
Directus Vulnerable to Information Leakage in Existing Collections Moderate
CVE-2025-64749 was published for @directus/api (npm) Nov 13, 2025
sbstn-k kmzs
Credited to sbstn-k and kmzs
Directus's conceal fields are searchable if read permissions enabled Moderate
CVE-2025-64748 was published for @directus/api (npm) Nov 13, 2025
bryantgillespie
Credited to bryantgillespie
Astro vulnerable to URL manipulation via headers, leading to middleware and CVE-2025-61925 bypass Moderate
CVE-2025-64525 was published for astro (npm) Nov 13, 2025
cold-try delucis
Credited to cold-try and delucis
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure... Moderate Unreviewed
CVE-2025-46368 was published Nov 13, 2025
A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2025-4619 was published Nov 13, 2025
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an... Moderate Unreviewed
CVE-2025-13123 was published Nov 13, 2025
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access... Moderate Unreviewed
CVE-2025-46362 was published Nov 13, 2025
Keycloak allows Binding to an Unrestricted IP Address Moderate
CVE-2025-11538 was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 13, 2025
Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from... Moderate Unreviewed
CVE-2025-59480 was published Nov 13, 2025
A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function... Moderate Unreviewed
CVE-2025-13121 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd... Moderate Unreviewed
CVE-2025-60689 was published Nov 13, 2025
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute... Moderate Unreviewed
CVE-2025-20346 was published Nov 13, 2025
A stack-based buffer overflow exists in the get_merge_mac function of the httpd binary on Linksys... Moderate Unreviewed
CVE-2025-60693 was published Nov 13, 2025
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance... Moderate Unreviewed
CVE-2025-20355 was published Nov 13, 2025
A stack-based buffer overflow vulnerability exists in the mtk_dut binary of Linksys E7350 routers... Moderate Unreviewed
CVE-2025-60695 was published Nov 13, 2025
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0.... Moderate Unreviewed
CVE-2025-13122 was published Nov 13, 2025
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an... Moderate Unreviewed
CVE-2025-20353 was published Nov 13, 2025
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote... Moderate Unreviewed
CVE-2025-20349 was published Nov 13, 2025
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed
CVE-2025-12784 was published Nov 13, 2025
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to... Moderate Unreviewed
CVE-2025-12785 was published Nov 13, 2025
A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630... Moderate Unreviewed
CVE-2025-60685 was published Nov 13, 2025
Lichess lila before commit 11b4c0fb00f0ffd823246f839627005459c8f05c (2025-06-02) contains a... Moderate Unreviewed
CVE-2025-52186 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60683 was published Nov 13, 2025
A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130)... Moderate Unreviewed
CVE-2025-60688 was published Nov 13, 2025
A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130)... Moderate Unreviewed
CVE-2025-60684 was published Nov 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database