Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,736
Maven
5,000+
npm
4,336
NuGet
764
pip
4,110
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

526 advisories

Loading
Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access... High Unreviewed
CVE-2021-4469 was published Nov 15, 2025
General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web... High Unreviewed
CVE-2025-59780 was published Nov 15, 2025
The Brightpick Internal Logic Control web interface is accessible without requiring user... High Unreviewed
CVE-2025-64307 was published Nov 15, 2025
Flowise does not Prevent Bypass of Password Confirmation - Unverified Password Change High
GHSA-fjh6-8679-9pch was published for flowise-ui (npm) Nov 14, 2025
mbiesiad
Credited to mbiesiad
Flowise doesn't Prevent Bypass of Password Confirmation through Unverified Email Change (credentials) High
GHSA-x39m-3393-3qp4 was published for flowise-ui (npm) Nov 14, 2025
mbiesiad
Credited to mbiesiad
Tinycontrol LAN Controller v3 (LK3) firmware versions up to 1.58a (hardware v3.8) contain a... High Unreviewed
CVE-2023-7329 was published Nov 13, 2025
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO!... High Unreviewed
CVE-2025-40817 was published Nov 11, 2025
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO!... High Unreviewed
CVE-2025-40816 was published Nov 11, 2025
Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse... High Unreviewed
CVE-2025-47357 was published Nov 4, 2025
The privileged user could log in without sufficient credentials after enabling an application... High Unreviewed
CVE-2025-48397 was published Nov 3, 2025
microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows... High Unreviewed
CVE-2025-41090 was published Oct 28, 2025
Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing... High Unreviewed
CVE-2025-43994 was published Oct 24, 2025
Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This... High Unreviewed
CVE-2025-41110 was published Oct 22, 2025
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... High Unreviewed
CVE-2025-61756 was published Oct 22, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2025-61752 was published Oct 21, 2025
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication... High Unreviewed
CVE-2025-11949 was published Oct 21, 2025
OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password.... High Unreviewed
CVE-2025-62586 was published Oct 16, 2025
NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. A successful exploit of... High Unreviewed
CVE-2025-23356 was published Oct 14, 2025
An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the... High Unreviewed
CVE-2025-41703 was published Oct 14, 2025
Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem'... High Unreviewed
CVE-2025-35051 was published Oct 9, 2025
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security... High Unreviewed
CVE-2025-11198 was published Oct 9, 2025
Better Auth: Unauthenticated API key creation through api-key plugin High
CVE-2025-61928 was published for better-auth (npm) Oct 9, 2025
etiennelunetta
Credited to etiennelunetta
A potential security vulnerability has been identified in HP Sure Start’s protection of the Intel... High Unreviewed
CVE-2023-6215 was published Oct 7, 2025
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an... High Unreviewed
CVE-2025-23293 was published Sep 30, 2025
The attacker may obtain root access by connecting to the UART port and this vulnerability... High Unreviewed
CVE-2025-10991 was published Sep 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database