Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,746
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,175 advisories

Loading
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts)... Critical Unreviewed
CVE-2025-65548 was published Dec 8, 2025
In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within... Critical Unreviewed
CVE-2025-14265 was published Dec 11, 2025
The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to... Critical Unreviewed
CVE-2025-13764 was published Dec 11, 2025
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <... Critical Unreviewed
CVE-2025-14330 was published Dec 9, 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox <... Critical Unreviewed
CVE-2025-14324 was published Dec 9, 2025
A specific type of ArcGIS Enterprise deployment, is vulnerable to a Password Recovery... Critical Unreviewed
CVE-2025-2538 was published Mar 20, 2025
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that... Critical Unreviewed
CVE-2020-36902 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated remote code execution... Critical Unreviewed
CVE-2020-36897 was published Dec 10, 2025
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient... Critical Unreviewed
CVE-2020-36885 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that... Critical Unreviewed
CVE-2020-36894 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation... Critical Unreviewed
CVE-2020-36892 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64537 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64538 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64539 was published Dec 10, 2025
A malicious actor can access camera configuration information, including account credentials,... Critical Unreviewed
CVE-2025-13607 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34392 was published Dec 10, 2025
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146. Critical Unreviewed
CVE-2025-14326 was published Dec 9, 2025
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root... Critical Unreviewed
CVE-2025-13184 was published Dec 10, 2025
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that... Critical Unreviewed
CVE-2023-53739 was published Dec 9, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... Critical Unreviewed
CVE-2025-34394 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34393 was published Dec 10, 2025
Bypass vulnerability in the authentication method in the GTT Tax Information System application,... Critical Unreviewed
CVE-2025-13953 was published Dec 10, 2025
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478... Critical Unreviewed
CVE-2025-13955 was published Dec 10, 2025
Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers... Critical Unreviewed
CVE-2025-13954 was published Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database