Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,435
Maven
5,000+
npm
5,000+
NuGet
883
pip
4,689
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112,396 advisories

Loading
Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker... High Unreviewed
CVE-2025-7674 was published Aug 5, 2025
An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated... High Unreviewed
CVE-2025-43979 was published Aug 5, 2025
Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection.... High Unreviewed
CVE-2025-43978 was published Aug 5, 2025
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows... High Unreviewed
CVE-2025-29745 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7025 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7032 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7033 was published Aug 5, 2025
A low privileged local attacker can interact with the affected service although user-interaction... High Unreviewed
CVE-2025-41698 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-5061 was published Aug 5, 2025
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-7050 was published Aug 5, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-6207 was published Aug 5, 2025
An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a... High Unreviewed
CVE-2025-27211 was published Aug 5, 2025
Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code... High Unreviewed
CVE-2025-53395 was published Aug 4, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... High Unreviewed
CVE-2025-51726 was published Aug 4, 2025
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with... High Unreviewed
CVE-2025-53394 was published Aug 4, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded... High Unreviewed
CVE-2025-26476 was published Aug 4, 2025
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2025-38741 was published Aug 4, 2025
Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch... High Unreviewed
CVE-2025-21120 was published Aug 4, 2025
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain... High Unreviewed
CVE-2025-44960 was published Aug 4, 2025
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation... High Unreviewed
CVE-2013-10052 was published Aug 4, 2025
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2025-46206 was published Aug 4, 2025
A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8... High Unreviewed
CVE-2025-51534 was published Aug 4, 2025
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an... High Unreviewed
CVE-2025-50420 was published Aug 4, 2025
Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API... High Unreviewed
CVE-2025-44957 was published Aug 4, 2025
RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak,... High Unreviewed
CVE-2025-44955 was published Aug 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database