Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,752
Maven
5,000+
npm
4,357
NuGet
765
pip
4,121
Pub
12
RubyGems
961
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,769 advisories

Loading
Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to... Critical Unreviewed
CVE-2024-58301 was published Dec 12, 2025
In AudioDecoder::HandleProduceRequest of audio_decoder.cc, there is a possible out of bounds... Critical Unreviewed
CVE-2025-36937 was published Dec 11, 2025
pgadmin4 has a Meta-Command Filter Command Execution Critical
CVE-2025-13780 was published for pgadmin4 (pip) Dec 11, 2025
zeropwn Cycloctane
Credited to zeropwn and Cycloctane
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66045 was published Dec 11, 2025
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66046 was published Dec 11, 2025
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66047 was published Dec 11, 2025
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66043 was published Dec 11, 2025
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66044 was published Dec 11, 2025
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed
CVE-2025-66048 was published Dec 11, 2025
An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6... Critical Unreviewed
CVE-2025-65473 was published Dec 11, 2025
In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within... Critical Unreviewed
CVE-2025-14265 was published Dec 11, 2025
The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to... Critical Unreviewed
CVE-2025-13764 was published Dec 11, 2025
Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025... Critical Unreviewed
CVE-2025-65294 was published Dec 11, 2025
The mobile application was found to contain stored credentials for the network it was developed... Critical Unreviewed
CVE-2025-65826 was published Dec 10, 2025
The mobile application is configured to allow clear text traffic to all domains and communicates... Critical Unreviewed
CVE-2025-65827 was published Dec 10, 2025
The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for... Critical Unreviewed
CVE-2025-65823 was published Dec 10, 2025
Due to a lack of certificate validation, all traffic from the mobile application can be... Critical Unreviewed
CVE-2025-65830 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation... Critical Unreviewed
CVE-2020-36892 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that... Critical Unreviewed
CVE-2020-36902 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that... Critical Unreviewed
CVE-2020-36894 was published Dec 10, 2025
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient... Critical Unreviewed
CVE-2020-36885 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated remote code execution... Critical Unreviewed
CVE-2020-36897 was published Dec 10, 2025
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can... Critical Unreviewed
CVE-2025-65820 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64539 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64538 was published Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database