Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,645 advisories

Loading
assyncmy is vulnerable to SQL injection via crafted dict keys Critical
CVE-2025-65896 was published for asyncmy (pip) Dec 2, 2025
The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions... Critical Unreviewed
CVE-2025-13542 was published Dec 2, 2025
A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute... Critical Unreviewed
CVE-2025-13658 was published Dec 2, 2025
code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the... Critical Unreviewed
CVE-2025-60736 was published Dec 2, 2025
Mautic user without privileged access to the Marketplace can install and uninstall composer packages Critical
CVE-2025-13828 was published for mautic/core (Composer) Dec 2, 2025
driskell escopecz
patrykgruszka
Credited to driskell, escopecz, and patrykgruszka
A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the... Critical Unreviewed
CVE-2025-60854 was published Dec 2, 2025
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via... Critical Unreviewed
CVE-2025-65358 was published Dec 2, 2025
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend... Critical Unreviewed
CVE-2025-65656 was published Dec 2, 2025
In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user management function is not... Critical Unreviewed
CVE-2025-58386 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... Critical Unreviewed
CVE-2025-59703 was published Dec 2, 2025
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through... Critical Unreviewed
CVE-2025-59693 was published Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user... Critical Unreviewed
CVE-2025-59695 was published Dec 2, 2025
Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows... Critical Unreviewed
CVE-2025-11778 was published Dec 2, 2025
Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan'... Critical Unreviewed
CVE-2025-11779 was published Dec 2, 2025
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged... Critical Unreviewed
CVE-2025-41744 was published Dec 2, 2025
Sprecher Automations SPRECON-E-C,  SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an... Critical Unreviewed
CVE-2025-41742 was published Dec 2, 2025
MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL Critical
CVE-2025-66401 was published for mcp-watch (npm) Dec 2, 2025
viralvaghela
Credited to viralvaghela
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers... Critical Unreviewed
CVE-2025-51683 was published Dec 1, 2025
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the... Critical Unreviewed
CVE-2025-51682 was published Dec 1, 2025
PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of SimpleAiAdminController. Critical Unreviewed
CVE-2025-65836 was published Dec 1, 2025
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when... Critical Unreviewed
CVE-2025-8351 was published Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php... Critical Unreviewed
CVE-2025-63535 was published Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel... Critical Unreviewed
CVE-2025-63532 was published Dec 1, 2025
Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows... Critical Unreviewed
CVE-2025-3500 was published Dec 1, 2025
An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to... Critical Unreviewed
CVE-2025-63525 was published Dec 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database