GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,903

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278,903 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the... High Unreviewed

CVE-2025-14108 was published Dec 6, 2025

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account... Critical Unreviewed

CVE-2025-34291 was published Dec 6, 2025

A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the... Moderate Unreviewed

CVE-2025-14116 was published Dec 6, 2025

A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android.... Low Unreviewed

CVE-2025-14111 was published Dec 6, 2025

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this... High Unreviewed

CVE-2025-14107 was published Dec 6, 2025

A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api... High Unreviewed

CVE-2025-13426 was published Dec 6, 2025

A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function... High Unreviewed

CVE-2025-14106 was published Dec 6, 2025

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in... High Unreviewed

CVE-2025-66644 was published Dec 5, 2025

An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0... Moderate Unreviewed

CVE-2025-8148 was published Dec 5, 2025

A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an... Moderate Unreviewed

CVE-2025-14105 was published Dec 5, 2025

Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction... High Unreviewed

CVE-2025-46603 was published Dec 5, 2025

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data... High Unreviewed

CVE-2020-36880 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34261 was published Dec 5, 2025

Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command... High Unreviewed

CVE-2020-36882 was published Dec 5, 2025

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution... Critical Unreviewed

CVE-2020-36877 was published Dec 5, 2025

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory'... High Unreviewed

CVE-2020-36881 was published Dec 5, 2025

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2... High Unreviewed

CVE-2020-36876 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34257 was published Dec 5, 2025

Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any... High Unreviewed

CVE-2020-36879 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34265 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34262 was published Dec 5, 2025

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability... High Unreviewed

CVE-2020-36878 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34258 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34264 was published Dec 5, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34263 was published Dec 5, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

278,903 advisories