GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,342
Composer 4,815
Erlang 36
GitHub Actions 32
Go 2,401
Maven 5,800
npm 4,045
NuGet 723
pip 3,842
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,391

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,194 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line... Critical Unreviewed

CVE-2025-8286 was published Jul 31, 2025

An unrestricted file upload vulnerability exists in Simple E-Document versions 3.0 to 3.1 that... Critical Unreviewed

CVE-2014-125126 was published Jul 31, 2025

A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with... Critical Unreviewed

CVE-2025-46811 was published Jul 30, 2025

Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows... High Unreviewed

CVE-2025-8279 was published Jul 28, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need... Moderate Unreviewed

CVE-2025-30126 was published Jul 28, 2025

An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without... Critical Unreviewed

CVE-2025-30135 was published Jul 25, 2025

A remote code execution vulnerability exists in HybridAuth versions 2.0.9 through 2.2.2 due to... Critical Unreviewed

CVE-2014-125116 was published Jul 25, 2025

A client-side remote code execution vulnerability exists in Samsung Security Manager versions 1... High Unreviewed

CVE-2016-15046 was published Jul 25, 2025

An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The... High Unreviewed

CVE-2013-10032 was published Jul 25, 2025

The embedded web server on the thermostat listed version ranges contain a vulnerability that... Critical Unreviewed

CVE-2025-6260 was published Jul 24, 2025

DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user... High Unreviewed

CVE-2025-48733 was published Jul 23, 2025

Mattermost Missing Authentication for Critical Function Moderate

CVE-2025-6226 was published for github.com/mattermost/mattermost-server (Go) Jul 18, 2025

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station... Critical Unreviewed

CVE-2025-34121 was published Jul 16, 2025

A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by... High Unreviewed

CVE-2025-34119 was published Jul 16, 2025

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed

CVE-2025-30762 was published Jul 15, 2025

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior... Critical Unreviewed

CVE-2025-34104 was published Jul 15, 2025

A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version... Moderate Unreviewed

CVE-2025-52089 was published Jul 11, 2025

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services ... High Unreviewed

CVE-2025-53378 was published Jul 10, 2025

An unauthenticated user with management network access can get and modify the Radiflow iSAP... Critical Unreviewed

CVE-2025-3498 was published Jul 9, 2025

An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to... Critical Unreviewed

CVE-2025-34085 was published Jul 9, 2025

Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows... Moderate Unreviewed

CVE-2025-7031 was published Jul 8, 2025

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows... High Unreviewed

CVE-2025-48814 was published Jul 8, 2025

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... Critical Unreviewed

CVE-2025-40736 was published Jul 8, 2025

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an... High Unreviewed

CVE-2025-25268 was published Jul 8, 2025

Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 ... Critical Unreviewed

CVE-2025-45814 was published Jul 2, 2025

Previous 1 2 3 4 5 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,194 advisories