GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,588

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,436 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations... Moderate Unreviewed

CVE-2025-24002 was published Jul 8, 2025

A local attacker with a local user account can leverage a vulnerable script via SSH to escalate... High Unreviewed

CVE-2025-24005 was published Jul 8, 2025

An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400.... High Unreviewed

CVE-2025-26780 was published Jul 7, 2025

A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical.... Moderate Unreviewed

CVE-2025-7099 was published Jul 7, 2025

A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This... Low Unreviewed

CVE-2025-7060 was published Jul 4, 2025

Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds... Moderate Unreviewed

CVE-2025-53502 was published Jul 3, 2025

A cross-site scripting vulnerability is present in the hotspot of MikroTik's RouterOS on versions... Moderate Unreviewed

CVE-2025-6563 was published Jul 3, 2025

A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol ... Critical Unreviewed

CVE-2025-34072 was published Jul 2, 2025

Lack or insufficent input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows... Moderate Unreviewed

CVE-2025-27023 was published Jul 2, 2025

A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum... Critical Unreviewed

CVE-2025-34060 was published Jul 1, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi... Critical Unreviewed

CVE-2025-34054 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the... Critical Unreviewed

CVE-2025-34056 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the... Critical Unreviewed

CVE-2025-34055 was published Jul 1, 2025

Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This... Moderate Unreviewed

CVE-2025-53075 was published Jun 30, 2025

Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers... Moderate Unreviewed

CVE-2025-53076 was published Jun 30, 2025

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue... Moderate Unreviewed

CVE-2025-5878 was published Jun 29, 2025

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results... Moderate Unreviewed

CVE-2023-28911 was published Jun 28, 2025

ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This... Moderate Unreviewed

CVE-2025-6444 was published Jun 26, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed

CVE-2025-34037 was published Jun 26, 2025

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting... Critical Unreviewed

CVE-2025-34036 was published Jun 26, 2025

A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the... High Unreviewed

CVE-2025-34031 was published Jun 26, 2025

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and... Critical Unreviewed

CVE-2025-34035 was published Jun 26, 2025

An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded... High Unreviewed

CVE-2025-34033 was published Jun 26, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin version... Moderate Unreviewed

CVE-2025-34032 was published Jun 26, 2025

A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing... High Unreviewed

CVE-2025-34047 was published Jun 26, 2025

Previous 1…9…400 Next

Previous 1 2 … 7 8 9 10 11 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,436 advisories