GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,438
Composer 4,411
Erlang 33
GitHub Actions 22
Go 2,146
Maven 5,316
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 899
Swift 38

Unreviewed advisories

All unreviewed 246,040

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

246,040 advisories

Filter by severity

Sort by

Least recently updated

A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with... Unknown Unreviewed

CVE-2025-25476 was published Mar 1, 2025

Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute... Unknown Unreviewed

CVE-2025-25379 was published Mar 1, 2025

Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code. Unknown Unreviewed

CVE-2025-25723 was published Mar 1, 2025

The account file upload functionality in Syspass 3.2.x fails to properly handle special... Unknown Unreviewed

CVE-2025-25478 was published Mar 1, 2025

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong... Moderate Unreviewed

CVE-2025-26466 was published Mar 1, 2025

Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is... High Unreviewed

CVE-2024-1509 was published Mar 1, 2025

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability... Unknown Unreviewed

CVE-2025-25635 was published Feb 28, 2025

PixelYourSite - Your smart PIXEL (TAG) and API Manager 10.1.1.1 was found to be vulnerable.... Moderate Unreviewed

CVE-2025-0769 was published Feb 28, 2025

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability... Unknown Unreviewed

CVE-2025-25610 was published Feb 28, 2025

IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2... Critical Unreviewed

CVE-2025-0159 was published Feb 28, 2025

TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc... Unknown Unreviewed

CVE-2025-25428 was published Feb 28, 2025

During an address list folding when a separating comma ends up on a folded line and that line is... Low Unreviewed

CVE-2025-1795 was published Feb 28, 2025

IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2... High Unreviewed

CVE-2025-0160 was published Feb 28, 2025

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability... Unknown Unreviewed

CVE-2025-25609 was published Feb 28, 2025

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the... Moderate Unreviewed

CVE-2025-25429 was published Feb 28, 2025

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the... Unknown Unreviewed

CVE-2025-25431 was published Feb 28, 2025

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the... Unknown Unreviewed

CVE-2025-25430 was published Feb 28, 2025

Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed

CVE-2025-24849 was published Feb 28, 2025

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to cause a denial of... Moderate Unreviewed

CVE-2024-54175 was published Feb 28, 2025

Loggrove v1.0 is vulnerable to SQL Injection in the read.py file. Unknown Unreviewed

CVE-2025-26047 was published Feb 28, 2025

A Stored Cross-Site Scripting (XSS) vulnerability exists in SeedDMS 6.0.29. A user or rogue admin... Moderate Unreviewed

CVE-2025-25461 was published Feb 28, 2025

Cryptographic key extraction from internal flash in Minut M2 with firmware version #15142 allows... Unknown Unreviewed

CVE-2024-44754 was published Feb 28, 2025

GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less, is vulnerable... Unknown Unreviewed

CVE-2025-26263 was published Feb 28, 2025

An attacker could expose cross-user personal identifiable information (PII) and personal health... High Unreviewed

CVE-2025-20060 was published Feb 28, 2025

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in... Moderate Unreviewed

CVE-2025-0985 was published Feb 28, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

246,040 advisories