GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,744
Maven: 5,000+
npm: 4,341
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106,587 advisories
QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability,...
High | Unreviewed | CVE-2025-64701 was published Dec 11, 2025
squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if...
High | Unreviewed | CVE-2025-67738 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.4.6,...
High | Unreviewed | CVE-2025-12029 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18...
High | Unreviewed | CVE-2025-12716 was published Dec 11, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6,...
High | Unreviewed | CVE-2025-12562 was published Dec 11, 2025
GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18...
High | Unreviewed | CVE-2025-8405 was published Dec 11, 2025
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53775 was published Dec 11, 2025
PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows...
High | Unreviewed | CVE-2024-58284 was published Dec 11, 2025
Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers...
High | Unreviewed | CVE-2024-58281 was published Dec 11, 2025
WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58283 was published Dec 11, 2025
Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58282 was published Dec 11, 2025
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58280 was published Dec 11, 2025
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53776 was published Dec 11, 2025
appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows...
High | Unreviewed | CVE-2024-58279 was published Dec 11, 2025
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may...
High | Unreviewed | CVE-2025-67460 was published Dec 10, 2025
A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local...
High | Unreviewed | CVE-2025-65199 was published Dec 10, 2025
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53741 was published Dec 10, 2025
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2023-53740 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability...
High | Unreviewed | CVE-2020-36899 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows...
High | Unreviewed | CVE-2020-36896 was published Dec 10, 2025
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery vulnerability...
High | Unreviewed | CVE-2020-36900 was published Dec 10, 2025
SpinetiX Fusion Digital Signage 3.4.8 and lower contains an authenticated path traversal...
High | Unreviewed | CVE-2020-36883 was published Dec 10, 2025
EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure...
High | Unreviewed | CVE-2020-36895 was published Dec 10, 2025
Improper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot...
High | Unreviewed | CVE-2025-24857 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that...
High | Unreviewed | CVE-2020-36901 was published Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API.