Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,840 advisories

Loading
The 2wcom IP-4c 2.15.5 device's web interface includes an information disclosure vulnerability.... Moderate Unreviewed
CVE-2025-57433 was published Sep 22, 2025
An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain... High Unreviewed
CVE-2023-49367 was published Sep 18, 2025
Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by... Moderate Unreviewed
CVE-2024-25011 was published Sep 18, 2025
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Impacted is an... Moderate Unreviewed
CVE-2025-10607 was published Sep 17, 2025
This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird... High Unreviewed
CVE-2025-10536 was published Sep 16, 2025
This vulnerability affects Firefox < 143. High Unreviewed
CVE-2025-10535 was published Sep 16, 2025
There is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration... Low Unreviewed
CVE-2025-26710 was published Sep 16, 2025
There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of... Moderate Unreviewed
CVE-2025-26711 was published Sep 16, 2025
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2025-9808 was published Sep 16, 2025
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari... Moderate Unreviewed
CVE-2025-43356 was published Sep 16, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7,... Critical Unreviewed
CVE-2025-43362 was published Sep 16, 2025
A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8,... Moderate Unreviewed
CVE-2025-43367 was published Sep 16, 2025
An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 allowing attackers to gain... Moderate Unreviewed
CVE-2025-56467 was published Sep 12, 2025
A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is an unknown function of the file ... Moderate Unreviewed
CVE-2025-10321 was published Sep 12, 2025
Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint.... High Unreviewed
CVE-2025-55976 was published Sep 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump... Moderate Unreviewed
CVE-2025-10222 was published Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby... High Unreviewed
CVE-2025-36759 was published Sep 10, 2025
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2025-55052 was published Sep 9, 2025
An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a remote attacker to obtain... High Unreviewed
CVE-2025-29089 was published Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an... High Unreviewed
CVE-2025-55243 was published Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-53804 was published Sep 9, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... Moderate Unreviewed
CVE-2025-47997 was published Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... Moderate Unreviewed
CVE-2025-20270 was published Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40803 was published Sep 9, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... Moderate Unreviewed
CVE-2025-40757 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database