GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
883 advisories
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP...
Critical | Unreviewed | CVE-2025-50578 was published Jul 30, 2025

This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15...
Critical | Unreviewed | CVE-2025-43253 was published Jul 30, 2025

Multiple memory corruption issues were addressed with improved input validation. This issue is...
Critical | Unreviewed | CVE-2025-43234 was published Jul 30, 2025

A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices...
Critical | Unreviewed | CVE-2014-125117 was published Jul 25, 2025

A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to...
Critical | Unreviewed | CVE-2025-34132 was published Jul 17, 2025

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior...
Critical | Unreviewed | CVE-2025-34300 was published Jul 16, 2025

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version...
Critical | Unreviewed | CVE-2025-34111 was published Jul 15, 2025

A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss...
Critical | Unreviewed | CVE-2025-34105 was published Jul 15, 2025

An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e...
Critical | Unreviewed | CVE-2025-34068 was published Jul 15, 2025

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4...
Critical | Unreviewed | CVE-2025-34101 was published Jul 10, 2025

An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of...
Critical | Unreviewed | CVE-2025-34100 was published Jul 10, 2025

A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009)...
Critical | Unreviewed | CVE-2025-34102 was published Jul 10, 2025

An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2...
Critical | Unreviewed | CVE-2025-34099 was published Jul 10, 2025

An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin ≤...
Critical | Unreviewed | CVE-2025-34083 was published Jul 9, 2025

A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol ...
Critical | Unreviewed | CVE-2025-34072 was published Jul 2, 2025

A PHP object injection vulnerability exists in the Monero Project’s Laravel-based forum...
Critical | Unreviewed | CVE-2025-34060 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the...
Critical | Unreviewed | CVE-2025-34056 was published Jul 1, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi...
Critical | Unreviewed | CVE-2025-34054 was published Jul 1, 2025

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the...
Critical | Unreviewed | CVE-2025-34055 was published Jul 1, 2025

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and...
Critical | Unreviewed | CVE-2025-34035 was published Jun 26, 2025

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting...
Critical | Unreviewed | CVE-2025-34036 was published Jun 26, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via...
Critical | Unreviewed | CVE-2025-34037 was published Jun 26, 2025

A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1...
Critical | Unreviewed | CVE-2025-34043 was published Jun 26, 2025

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version...
Critical | Unreviewed | CVE-2025-34049 was published Jun 26, 2025

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7...
Critical | Unreviewed | CVE-2025-34044 was published Jun 26, 2025

ProTip! Advisories are also available from the GraphQL API.