GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,193
Erlang: 25
GitHub Actions: 39
Go: 2,385
Maven: 3,027
npm: 3,078
NuGet: 529
pip: 2,897
Pub: 5
RubyGems: 442
Rust: 905
Swift: 20

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
133 advisories
** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program...
Moderate | Unreviewed | CVE-2026-6058 was published Apr 21, 2026

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive...
Moderate | Unreviewed | CVE-2026-20136 was published Apr 15, 2026

CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log...
Moderate | Unreviewed | CVE-2026-2404 was published Apr 14, 2026

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0...
Moderate | Unreviewed | CVE-2026-40023 was published Apr 10, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18...
Low | Unreviewed | CVE-2025-12697 was published Mar 11, 2026

Tanium addressed an improper output sanitization vulnerability in Tanium Appliance.
Moderate | Unreviewed | CVE-2025-15312 was published Feb 5, 2026

CSS-based exfiltration of the content from partially encrypted emails when allowing remote...
Moderate | Unreviewed | CVE-2026-0818 was published Jan 28, 2026

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) fail to include...
Low | Unreviewed | CVE-2026-24439 was published Jan 26, 2026

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy...
Low | Unreviewed | CVE-2026-22712 was published Jan 9, 2026

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to an information disclosure...
High | Unreviewed | CVE-2025-68460 was published Dec 18, 2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18...
Low | Unreviewed | CVE-2025-12734 was published Dec 11, 2025

GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18...
High | Unreviewed | CVE-2025-8405 was published Dec 11, 2025

SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send...
Moderate | Unreviewed | CVE-2025-42896 was published Dec 9, 2025

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under...
High | Unreviewed | CVE-2025-9127 was published Dec 4, 2025

Emails sent by pretix can utilize placeholders that will be filled with customer data. For...
Low | Unreviewed | CVE-2025-13742 was published Nov 27, 2025

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with...
Critical | Unreviewed | CVE-2025-40547 was published Nov 18, 2025

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This...
High | Unreviewed | CVE-2025-11085 was published Nov 11, 2025

There is a Denial of Service (DoS) vulnerability in the ZTE MC889A Pro product. Due to insufficient...
Moderate | Unreviewed | CVE-2025-46583 was published Oct 27, 2025

A malicious page could have used the type attribute of an OBJECT tag to override the default...
Moderate | Unreviewed | CVE-2025-11712 was published Oct 14, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-0607 was published Oct 6, 2025

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension...
Moderate | Unreviewed | CVE-2025-46703 was published Sep 19, 2025

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension...
Moderate | Unreviewed | CVE-2025-57880 was published Sep 19, 2025

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension...
Moderate | Unreviewed | CVE-2025-48007 was published Sep 19, 2025

In multiple locations, there is a possible way to access content across user profiles due to URI...
Moderate | Unreviewed | CVE-2025-0083 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API.