GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,680
Maven: 5,000+
npm: 4,308
NuGet: 760
pip: 4,081
Pub: 12
RubyGems: 958
Rust: 1,061
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
114,683 advisories
Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to...
High | Unreviewed | CVE-2025-12183 was published Nov 28, 2025

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file()...
High | Unreviewed | CVE-2025-12638 was published Nov 28, 2025

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.
High | Unreviewed | CVE-2025-51735 was published Nov 28, 2025

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for...
High | Unreviewed | CVE-2025-66384 was published Nov 28, 2025

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated...
High | Unreviewed | CVE-2025-13768 was published Nov 28, 2025

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated...
High | Unreviewed | CVE-2025-13771 was published Nov 28, 2025

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote...
High | Unreviewed | CVE-2025-13769 was published Nov 28, 2025

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote...
High | Unreviewed | CVE-2025-13770 was published Nov 28, 2025

Vulnerability of improper criterion security check in the call module. Impact: Successful...
High | Unreviewed | CVE-2025-58308 was published Nov 28, 2025

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this...
High | Unreviewed | CVE-2025-58302 was published Nov 28, 2025

Permission control vulnerability in the distributed component. Impact: Successful exploitation of...
High | Unreviewed | CVE-2025-58310 was published Nov 28, 2025

DoS vulnerability in the video-related system service module. Impact: Successful exploitation of...
High | Unreviewed | CVE-2025-58316 was published Nov 28, 2025

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of...
High | Unreviewed | CVE-2025-58303 was published Nov 28, 2025

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of...
High | Unreviewed | CVE-2025-66359 was published Nov 28, 2025

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
High | Unreviewed | CVE-2025-13692 was published Nov 27, 2025

Improper input sanitization in the file archives upload functionality of Eaton Galileo software...
High | Unreviewed | CVE-2025-59890 was published Nov 27, 2025

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-13536 was published Nov 27, 2025

The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to Payment Bypass in all...
High | Unreviewed | CVE-2025-7820 was published Nov 27, 2025

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One...
High | Unreviewed | CVE-2025-12758 was published Nov 27, 2025

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and...
High | Unreviewed | CVE-2025-13680 was published Nov 27, 2025

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing...
High | Unreviewed | CVE-2025-66314 was published Nov 27, 2025

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the...
High | Unreviewed | CVE-2025-0658 was published Nov 27, 2025

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01...
High | Unreviewed | CVE-2025-0657 was published Nov 27, 2025

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated...
High | Unreviewed | CVE-2020-36873 was published Nov 27, 2025

BACnet Test Server versions up to and including 1.01 contain a remote denial of service...
High | Unreviewed | CVE-2020-36872 was published Nov 27, 2025

ProTip! Advisories are also available from the GraphQL API.