GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
133,572 advisories
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an...
Moderate
Unreviewed
CVE-2025-14285
was published
Dec 9, 2025
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate
Unreviewed
CVE-2025-12635
was published
Dec 9, 2025
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user...
Moderate
Unreviewed
CVE-2025-64650
was published
Dec 9, 2025
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is...
Moderate
Unreviewed
CVE-2025-33111
was published
Dec 9, 2025
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could...
Moderate
Unreviewed
CVE-2025-36015
was published
Dec 9, 2025
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service...
Moderate
Unreviewed
CVE-2025-36140
was published
Dec 9, 2025
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2025-12832
was published
Dec 9, 2025
A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown...
Moderate
Unreviewed
CVE-2025-14276
was published
Dec 9, 2025
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores...
Moderate
Unreviewed
CVE-2025-36017
was published
Dec 9, 2025
A stored cross-site scripting (XSS) vulnerability exists in the web interface of Lyrion Music...
Moderate
Unreviewed
CVE-2025-65229
was published
Dec 8, 2025
Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType parameter, which...
Moderate
Unreviewed
CVE-2025-65804
was published
Dec 8, 2025
In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a...
Moderate
Unreviewed
CVE-2025-48608
was published
Dec 8, 2025
A lack of file name validation or verification in the Attachment service of usememos memos v0.25...
Moderate
Unreviewed
CVE-2025-65799
was published
Dec 8, 2025
A memory disclosure vulnerability exists in libcoap's OSCORE configuration parser in libcoap...
Moderate
Unreviewed
CVE-2025-59391
was published
Dec 8, 2025
A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is...
Moderate
Unreviewed
CVE-2025-14259
was published
Dec 8, 2025
A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this...
Moderate
Unreviewed
CVE-2025-14258
was published
Dec 8, 2025
In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer...
Moderate
Unreviewed
CVE-2025-48622
was published
Dec 8, 2025
In multiple locations, there is a possible permanent denial of service due to resource exhaustion...
Moderate
Unreviewed
CVE-2025-48569
was published
Dec 8, 2025
Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated...
Moderate
Unreviewed
CVE-2025-65363
was published
Dec 8, 2025
In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there...
Moderate
Unreviewed
CVE-2025-48576
was published
Dec 8, 2025
In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to...
Moderate
Unreviewed
CVE-2025-48590
was published
Dec 8, 2025
In multiple locations, there is a possible way to read files from another user due to a missing...
Moderate
Unreviewed
CVE-2025-48591
was published
Dec 8, 2025
In multiple locations, there is a possible permanent denial of service due to improper input...
Moderate
Unreviewed
CVE-2025-48601
was published
Dec 8, 2025
In multiple locations, there is a possible way to read files from another user due to a missing...
Moderate
Unreviewed
CVE-2025-48604
was published
Dec 8, 2025
In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due...
Moderate
Unreviewed
CVE-2025-48603
was published
Dec 8, 2025
ProTip! Advisories are also available from the GraphQL API.