GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,965; Erlang: 39; GitHub Actions: 38; Go: 2,615; Maven: 5,000+; npm: 4,255; NuGet: 760; pip: 4,036; Pub: 12; RubyGems: 953; Rust: 1,049; Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,342 advisories
The privileged user could log in without sufficient credentials after enabling an application...
High | Unreviewed | CVE-2025-48397 was published Nov 3, 2025

A malicious actor with access to the management network could exploit a misconfiguration in UniFi...
Critical | Unreviewed | CVE-2025-52665 was published Oct 31, 2025

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a...
Critical | Unreviewed | CVE-2023-7325 was published Oct 31, 2025

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode...
Critical | Unreviewed | CVE-2021-4461 was published Oct 31, 2025

Resource Lacking AuthN. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12476 was published Oct 29, 2025

Server Version Disclosure. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical | Unreviewed | CVE-2025-12477 was published Oct 29, 2025

microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows...
High | Unreviewed | CVE-2025-41090 was published Oct 28, 2025

Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing...
High | Unreviewed | CVE-2025-43994 was published Oct 24, 2025

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This...
High | Unreviewed | CVE-2025-41110 was published Oct 22, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
High | Unreviewed | CVE-2025-61756 was published Oct 22, 2025

Nautobot Single Source of Truth (SSoT) has an unauthenticated ServiceNow configuration URL
Moderate | CVE-2025-62607 was published for nautobot-ssot (pip) Oct 21, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
Critical | Unreviewed | CVE-2025-62481 was published Oct 21, 2025

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications ...
Moderate | Unreviewed | CVE-2025-62287 was published Oct 21, 2025

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High | Unreviewed | CVE-2025-61752 was published Oct 21, 2025

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST...
Critical | Unreviewed | CVE-2025-61757 was published Oct 21, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
Critical | Unreviewed | CVE-2025-53072 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
Moderate | Unreviewed | CVE-2025-53034 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
Critical | Unreviewed | CVE-2025-53037 was published Oct 21, 2025

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication...
High | Unreviewed | CVE-2025-11949 was published Oct 21, 2025

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8...
Critical | Unreviewed | CVE-2025-9574 was published Oct 20, 2025

Reolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART...
Moderate | Unreviewed | CVE-2025-60856 was published Oct 20, 2025

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password....
High | Unreviewed | CVE-2025-62586 was published Oct 16, 2025

An improper privilege management vulnerability exists in WSO2 API Manager due to missing...
Critical | Unreviewed | CVE-2025-9152 was published Oct 16, 2025

HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can...
Moderate | Unreviewed | CVE-2025-0275 was published Oct 16, 2025

HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control....
Moderate | Unreviewed | CVE-2025-0274 was published Oct 16, 2025