Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,769 advisories

Loading
A weakness has been identified in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the... High Unreviewed
CVE-2025-11130 was published Sep 29, 2025
A flaw has been found in Tenda AC18 15.03.05.19. This impacts an unknown function of the file ... High Unreviewed
CVE-2025-11123 was published Sep 29, 2025
A vulnerability was detected in Tenda AC18 15.03.05.19. This affects an unknown function of the... High Unreviewed
CVE-2025-11122 was published Sep 29, 2025
A security flaw has been discovered in Apeman ID71 218.53.203.117. This vulnerability affects... High Unreviewed
CVE-2025-11126 was published Sep 29, 2025
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function... High Unreviewed
CVE-2025-11117 was published Sep 28, 2025
A weakness has been identified in Tenda AC8 16.03.34.06. The affected element is the function... High Unreviewed
CVE-2025-11120 was published Sep 28, 2025
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this... High Unreviewed
CVE-2025-11091 was published Sep 28, 2025
The llama-index-core package, up to version 0.12.44, contains a vulnerability in the ... High Unreviewed
CVE-2025-7647 was published Sep 27, 2025
Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10... High Unreviewed
CVE-2025-8014 was published Sep 27, 2025
The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is... High Unreviewed
CVE-2025-9816 was published Sep 27, 2025
In a hardened Docker environment, with Enhanced Container Isolation ( ECI https://docs.docker.com... High Unreviewed
CVE-2025-10657 was published Sep 26, 2025
Wavlink M86X3A_V240730 contains a buffer overflow vulnerability in the /cgi-bin/ExportAllSettings... High Unreviewed
CVE-2025-55847 was published Sep 26, 2025
In DOXENSE WATCHDOC before 6.1.0.5094, private user puk codes can be disclosed for Active... High Unreviewed
CVE-2025-58385 was published Sep 26, 2025
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in... High Unreviewed
CVE-2025-59362 was published Sep 26, 2025
In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2... High Unreviewed
CVE-2025-9267 was published Sep 26, 2025
IBM Aspera HTTP Gateway 2.0.0 through 2.3.1 stores sensitive information in clear text in easily... High Unreviewed
CVE-2025-36274 was published Sep 26, 2025
Unrestricted file upload vulnerability in DocAve 6.13.2, Perimeter 1.12.3, Compliance Guardian 4... High Unreviewed
CVE-2025-10544 was published Sep 26, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-60153 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp allows Stored XSS. This... High Unreviewed
CVE-2025-60164 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flytedesk Flytedesk Digital allows Stored XSS.... High Unreviewed
CVE-2025-60172 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7... High Unreviewed
CVE-2025-60169 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce allows... High Unreviewed
CVE-2025-60173 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker allows... High Unreviewed
CVE-2025-60170 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for... High Unreviewed
CVE-2025-60171 was published Sep 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18... High Unreviewed
CVE-2025-9642 was published Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database