Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263,877 advisories

Loading
Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS... High Unreviewed
CVE-2025-1883 was published May 2, 2025
In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen... Unknown Unreviewed
CVE-2025-37798 was published May 2, 2025
Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default,... Critical Unreviewed
CVE-2025-3927 was published May 2, 2025
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF... Unknown Unreviewed
CVE-2025-37797 was published May 2, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2025-2605 was published May 2, 2025
A vulnerability, which was classified as critical, was found in AlanBinu007 Spring-Boot-Advanced... Moderate Unreviewed
CVE-2025-4175 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46631 was published May 2, 2025
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API. High Unreviewed
CVE-2024-48907 was published May 2, 2025
Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14... Moderate Unreviewed
CVE-2025-46632 was published May 2, 2025
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name. Moderate Unreviewed
CVE-2024-48906 was published May 2, 2025
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint. Critical Unreviewed
CVE-2024-48905 was published May 2, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing... Moderate Unreviewed
CVE-2025-4174 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44865 was published May 2, 2025
KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the... Moderate Unreviewed
CVE-2025-36558 was published May 2, 2025
KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a... Critical Unreviewed
CVE-2025-32011 was published May 2, 2025
KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker... High Unreviewed
CVE-2025-35996 was published May 2, 2025
MicroDicom DICOM Viewer is vulnerable to an out-of-bounds read which may allow an attacker to... High Unreviewed
CVE-2025-36521 was published May 2, 2025
Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to... High Unreviewed
CVE-2025-46627 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46630 was published May 2, 2025
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03... High Unreviewed
CVE-2025-46628 was published May 2, 2025
Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46629 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44866 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44867 was published May 2, 2025
MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to... High Unreviewed
CVE-2025-35975 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44864 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database