GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

915 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet... Critical Unreviewed

CVE-2025-24325 was published Aug 12, 2025

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2).... Critical Unreviewed

CVE-2025-40746 was published Aug 12, 2025

The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an... Critical Unreviewed

CVE-2025-2611 was published Aug 5, 2025

An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed

CVE-2025-27212 was published Aug 5, 2025

LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed

CVE-2025-50578 was published Jul 30, 2025

This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15... Critical Unreviewed

CVE-2025-43253 was published Jul 30, 2025

Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed

CVE-2025-43234 was published Jul 30, 2025

An input validation issue was addressed with improved memory handling. This issue is fixed in... Critical Unreviewed

CVE-2025-31281 was published Jul 30, 2025

A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed

CVE-2014-125117 was published Jul 25, 2025

A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to... Critical Unreviewed

CVE-2025-34132 was published Jul 17, 2025

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed

CVE-2025-34300 was published Jul 16, 2025

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version... Critical Unreviewed

CVE-2025-34111 was published Jul 15, 2025

A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss... Critical Unreviewed

CVE-2025-34105 was published Jul 15, 2025

An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e... Critical Unreviewed

CVE-2025-34068 was published Jul 15, 2025

An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2... Critical Unreviewed

CVE-2025-34099 was published Jul 10, 2025

An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of... Critical Unreviewed

CVE-2025-34100 was published Jul 10, 2025

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4... Critical Unreviewed

CVE-2025-34101 was published Jul 10, 2025

A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009)... Critical Unreviewed

CVE-2025-34102 was published Jul 10, 2025

An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin ≤... Critical Unreviewed

CVE-2025-34083 was published Jul 9, 2025

A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol ... Critical Unreviewed

CVE-2025-34072 was published Jul 2, 2025

A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum... Critical Unreviewed

CVE-2025-34060 was published Jul 1, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi... Critical Unreviewed

CVE-2025-34054 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the... Critical Unreviewed

CVE-2025-34056 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the... Critical Unreviewed

CVE-2025-34055 was published Jul 1, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed

CVE-2025-34037 was published Jun 26, 2025

Previous 12…37 Next

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

915 advisories