Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

742 advisories

Loading
An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed
CVE-2025-27212 was published Aug 5, 2025
The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an... Critical Unreviewed
CVE-2025-2611 was published Aug 5, 2025
Cryptographic vulnerability in Iridium Certus 700. This vulnerability allows a user to retrieve... Critical Unreviewed
CVE-2025-41377 was published May 23, 2025
An input validation issue was addressed with improved memory handling. This issue is fixed in... Critical Unreviewed
CVE-2025-31281 was published Jul 30, 2025
This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15... Critical Unreviewed
CVE-2025-43253 was published Jul 30, 2025
Multiple memory corruption issues were addressed with improved input validation. This issue is... Critical Unreviewed
CVE-2025-43234 was published Jul 30, 2025
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed
CVE-2025-50578 was published Jul 30, 2025
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x... Critical Unreviewed
CVE-2017-15944 was published May 13, 2022
A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed
CVE-2014-125117 was published Jul 25, 2025
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to... Critical Unreviewed
CVE-2025-34132 was published Jul 17, 2025
A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed
CVE-2025-34300 was published Jul 16, 2025
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss... Critical Unreviewed
CVE-2025-34105 was published Jul 15, 2025
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version... Critical Unreviewed
CVE-2025-34111 was published Jul 15, 2025
An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e... Critical Unreviewed
CVE-2025-34068 was published Jul 15, 2025
An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2... Critical Unreviewed
CVE-2025-34099 was published Jul 10, 2025
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4... Critical Unreviewed
CVE-2025-34101 was published Jul 10, 2025
A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009)... Critical Unreviewed
CVE-2025-34102 was published Jul 10, 2025
An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of... Critical Unreviewed
CVE-2025-34100 was published Jul 10, 2025
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and... Critical Unreviewed
CVE-2025-34035 was published Jun 26, 2025
An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting... Critical Unreviewed
CVE-2025-34036 was published Jun 26, 2025
An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin ≤... Critical Unreviewed
CVE-2025-34083 was published Jul 9, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth... Critical Unreviewed
CVE-2025-32067 was published Apr 11, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments... Critical Unreviewed
CVE-2025-32079 was published Apr 11, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - HTML Tags allows... Critical Unreviewed
CVE-2025-32073 was published Apr 11, 2025
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - AJAX Poll... Critical Unreviewed
CVE-2025-32070 was published Apr 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database