Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,752
Maven
5,000+
npm
4,357
NuGet
765
pip
4,121
Pub
12
RubyGems
961
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,769 advisories

Loading
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64537 was published Dec 10, 2025
A malicious actor can access camera configuration information, including account credentials,... Critical Unreviewed
CVE-2025-13607 was published Dec 10, 2025
DataGear v5.5.0 is vulnerable to Arbitrary File Deletion. Critical Unreviewed
CVE-2025-65792 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34392 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34393 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... Critical Unreviewed
CVE-2025-34394 was published Dec 10, 2025
Ibexa User Bundle is missing password change validation Critical
CVE-2025-67719 was published for ibexa/user (Composer) Dec 10, 2025
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root... Critical Unreviewed
CVE-2025-13184 was published Dec 10, 2025
Bypass vulnerability in the authentication method in the GTT Tax Information System application,... Critical Unreviewed
CVE-2025-13953 was published Dec 10, 2025
Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers... Critical Unreviewed
CVE-2025-13954 was published Dec 10, 2025
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478... Critical Unreviewed
CVE-2025-13955 was published Dec 10, 2025
The Elated Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions... Critical Unreviewed
CVE-2025-13613 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input... Critical Unreviewed
CVE-2025-61809 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload... Critical Unreviewed
CVE-2025-61808 was published Dec 10, 2025
Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool Critical
CVE-2025-67511 was published for cai-framework (pip) Dec 9, 2025
edoardottt
Credited to edoardottt
Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in... Critical Unreviewed
CVE-2021-47728 was published Dec 9, 2025
Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows... Critical Unreviewed
CVE-2021-47731 was published Dec 9, 2025
MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to... Critical Unreviewed
CVE-2023-53771 was published Dec 9, 2025
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that... Critical Unreviewed
CVE-2023-53739 was published Dec 9, 2025
COMMAX Smart Home System CDP-1020n contains an SQL injection vulnerability that allows attackers... Critical Unreviewed
CVE-2021-47708 was published Dec 9, 2025
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote... Critical Unreviewed
CVE-2021-47707 was published Dec 9, 2025
Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could... Critical Unreviewed
CVE-2025-65741 was published Dec 9, 2025
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade... Critical Unreviewed
CVE-2025-65882 was published Dec 9, 2025
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0... Critical Unreviewed
CVE-2025-59718 was published Dec 9, 2025
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0,... Critical Unreviewed
CVE-2025-59719 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database