Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,422 advisories

Loading
An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap... Critical Unreviewed
CVE-2025-27918 was published Nov 6, 2025
An issue was discovered in AnyDesk through 9.0.4. Remote Denial of Service can occur because of... High Unreviewed
CVE-2025-27917 was published Nov 6, 2025
An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is... High Unreviewed
CVE-2025-27916 was published Nov 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-62075 was published Nov 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer... Moderate Unreviewed
CVE-2025-62950 was published Nov 6, 2025
alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application... Unknown Unreviewed
CVE-2025-63307 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64196 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64198 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in KingAddons.com King Addons for... Critical Unreviewed
CVE-2025-6327 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-62076 was published Nov 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for... Critical Unreviewed
CVE-2025-62065 was published Nov 6, 2025
Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows... Moderate Unreviewed
CVE-2025-62914 was published Nov 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-64287 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64224 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-64232 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king... Critical Unreviewed
CVE-2025-6325 was published Nov 6, 2025
The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative... Critical Unreviewed
CVE-2025-59396 was published Nov 6, 2025
A maliciously crafted file, when executed on the victim's machine, can lead to privilege... High Unreviewed
CVE-2025-10885 was published Nov 6, 2025
Improper privilege management during pre-MFA cookie handling in Devolutions Server 2025.3.5.0 and... High Unreviewed
CVE-2025-12485 was published Nov 6, 2025
Improper access control in Devolutions Server 2025.3.5.0 and earlier allows a View-only user to... Moderate Unreviewed
CVE-2025-12808 was published Nov 6, 2025
A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php router when attacker... High Unreviewed
CVE-2025-63589 was published Nov 6, 2025
An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows... High Unreviewed
CVE-2025-63560 was published Nov 6, 2025
An unauthenticated reflected cross-site scripting vulnerability in the query handling of... High Unreviewed
CVE-2025-63588 was published Nov 6, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search &... Critical Unreviewed
CVE-2025-62064 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-62074 was published Nov 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database