GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,789

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

204 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets.... Moderate Unreviewed

CVE-2025-66270 was published Dec 5, 2025

A flaw exists in the verification of application installation sources within ColorOS. Under... Moderate Unreviewed

CVE-2025-27389 was published Dec 5, 2025

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41... Moderate Unreviewed

CVE-2025-13634 was published Dec 2, 2025

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local... Moderate Unreviewed

CVE-2025-13635 was published Dec 2, 2025

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a... Moderate Unreviewed

CVE-2025-13636 was published Dec 2, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... Moderate Unreviewed

CVE-2025-59699 was published Dec 2, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18... Moderate Unreviewed

CVE-2025-12653 was published Nov 26, 2025

The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1,... Moderate Unreviewed

CVE-2025-43493 was published Nov 4, 2025

An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed

CVE-2025-43503 was published Nov 4, 2025

Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized... Moderate Unreviewed

CVE-2025-59501 was published Oct 31, 2025

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products... Moderate Unreviewed

CVE-2025-5605 was published Oct 24, 2025

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication... Moderate Unreviewed

CVE-2025-56800 was published Oct 21, 2025

This vulnerability affects Firefox < 143 and Thunderbird < 143. Moderate Unreviewed

CVE-2025-10530 was published Sep 16, 2025

One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to... Moderate Unreviewed

CVE-2025-56689 was published Sep 8, 2025

In multiple locations, there is a possible lock screen bypass due to a logic error in the code.... Moderate Unreviewed

CVE-2025-26421 was published Sep 4, 2025

The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest... Moderate Unreviewed

CVE-2025-56608 was published Sep 3, 2025

An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an... Moderate Unreviewed

CVE-2025-50454 was published Aug 5, 2025

CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed

CVE-2025-46018 was published Aug 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34065 was published Jul 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34053 was published Jul 1, 2025

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using... Moderate Unreviewed

CVE-2025-23168 was published Jun 19, 2025

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed

CVE-2025-5067 was published May 27, 2025

The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed

CVE-2025-48027 was published May 15, 2025

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed

CVE-2025-3909 was published May 14, 2025

Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed

CVE-2025-27695 was published May 8, 2025

Previous1…9 Next

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

204 advisories