Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146. High Unreviewed
CVE-2025-14327 was published Dec 9, 2025
1Panel – CAPTCHA Bypass via Client-Controlled Flag High
CVE-2025-66507 was published for github.com/1Panel-dev/1Panel (Go) Dec 8, 2025
aliyevmursal
Credited to aliyevmursal
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the... High Unreviewed
CVE-2025-54305 was published Dec 4, 2025
Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker... High Unreviewed
CVE-2025-12430 was published Nov 10, 2025
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54... High Unreviewed
CVE-2025-11209 was published Nov 7, 2025
An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is... High Unreviewed
CVE-2025-27916 was published Nov 6, 2025
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On... High Unreviewed
CVE-2025-11843 was published Oct 31, 2025
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to... High Unreviewed
CVE-2025-37147 was published Oct 14, 2025
A security vulnerability was identified in Obsidian Scheduler's REST API 5.0.0 thru 6.3.0. If an... High Unreviewed
CVE-2025-56449 was published Sep 29, 2025
Wi-SUN unexpected 4- Way Handshake packet receptions may lead to predictable keys and potentially... High Unreviewed
CVE-2025-7448 was published Sep 12, 2025
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503... High Unreviewed
CVE-2025-6188 was published Aug 26, 2025
IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges... High Unreviewed
CVE-2025-36119 was published Aug 8, 2025
An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval... High Unreviewed
CVE-2025-31511 was published Jul 22, 2025
pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages High
CVE-2025-7346 was published for pyload-ng (pip) Jul 8, 2025
PinkDraconian
Credited to PinkDraconian
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of... High Unreviewed
CVE-2025-48906 was published Jun 6, 2025
Babylon Finality Provider `MsgCommitPubRandList` replay attack High
GHSA-7mm3-vfg8-7rg6 was published for github.com/babylonlabs-io/babylon (Go) May 15, 2025
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an... High Unreviewed
CVE-2025-3875 was published May 14, 2025
Passport-wsfed-saml2 allows SAML Authentication Bypass via Attribute Smuggling High
CVE-2025-46573 was published for passport-wsfed-saml2 (npm) May 6, 2025
kevinroh-okta
Credited to kevinroh-okta
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP... High Unreviewed
CVE-2025-28128 was published Apr 25, 2025
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in... High Unreviewed
CVE-2025-29621 was published Apr 22, 2025
There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this... High Unreviewed
CVE-2025-2188 was published Apr 17, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2025-31170 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58125 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58124 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58126 was published Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database