GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
12,860 advisories
Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows...
Low | Unreviewed | CVE-2023-29144 was published Dec 12, 2025

The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed...
Low | Unreviewed | CVE-2025-36755 was published Dec 12, 2025

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader...
Low | Unreviewed | CVE-2025-36744 was published Dec 12, 2025

The WP Fastest Cache plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
Low | Unreviewed | CVE-2025-10583 was published Dec 12, 2025

In JetBrains TeamCity before 2025.11 path traversal was possible via file upload
Low | Unreviewed | CVE-2025-67742 was published Dec 11, 2025

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into...
Low | Unreviewed | CVE-2025-13912 was published Dec 11, 2025

In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local...
Low | Unreviewed | CVE-2025-67739 was published Dec 11, 2025

In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's...
Low | Unreviewed | CVE-2025-67740 was published Dec 11, 2025

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2....
Low | Unreviewed | CVE-2025-55307 was published Dec 11, 2025

AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE
Low | CVE-2025-67737 was published for azuracast/azuracast (Composer) Dec 11, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18...
Low | Unreviewed | CVE-2025-12734 was published Dec 11, 2025

A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the...
Low | Unreviewed | CVE-2025-14485 was published Dec 11, 2025

Improper Validation of Query Parameters in Auth0 Next.js SDK
Low | CVE-2025-67716 was published for @auth0/nextjs-auth0 (npm) Dec 10, 2025

It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool...
Low | Unreviewed | CVE-2025-5467 was published Dec 10, 2025

Jenkins has a CSRF vulnerability on the login form
Low | CVE-2025-67639 was published for org.jenkins-ci.main:jenkins-core (Maven) Dec 10, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-13127 was published Dec 10, 2025

Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions
Low | CVE-2025-14082 was published for org.keycloak:keycloak-services (Maven) Dec 10, 2025

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to...
Low | Unreviewed | CVE-2025-13743 was published Dec 9, 2025

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and...
Low | Unreviewed | CVE-2025-64786 was published Dec 9, 2025

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and...
Low | Unreviewed | CVE-2025-64787 was published Dec 9, 2025

An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.4,...
Low | Unreviewed | CVE-2025-59923 was published Dec 9, 2025

A direct request ('forced browsing') vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6...
Low | Unreviewed | CVE-2025-57823 was published Dec 9, 2025

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS...
Low | Unreviewed | CVE-2025-12945 was published Dec 9, 2025

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4)....
Low | Unreviewed | CVE-2025-40818 was published Dec 9, 2025

@tiptap/extension-link vulnerable to Cross-site Scripting (XSS)
Low | CVE-2025-14284 was published for @tiptap/extension-link (npm) Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API