Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

114,974 advisories

Loading
A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000... High Unreviewed
CVE-2025-14136 was published Dec 6, 2025
A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0... High Unreviewed
CVE-2025-14134 was published Dec 6, 2025
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-12966 was published Dec 6, 2025
The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions... High Unreviewed
CVE-2025-13065 was published Dec 6, 2025
A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an... High Unreviewed
CVE-2025-14126 was published Dec 6, 2025
A vulnerability was identified in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0... High Unreviewed
CVE-2025-14135 was published Dec 6, 2025
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013... High Unreviewed
CVE-2025-14133 was published Dec 6, 2025
The Rich Shortcodes for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-12499 was published Dec 6, 2025
A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to... High Unreviewed
CVE-2025-13292 was published Dec 6, 2025
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-12510 was published Dec 6, 2025
A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the... High Unreviewed
CVE-2025-14108 was published Dec 6, 2025
A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this... High Unreviewed
CVE-2025-14107 was published Dec 6, 2025
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api... High Unreviewed
CVE-2025-13426 was published Dec 6, 2025
A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function... High Unreviewed
CVE-2025-14106 was published Dec 6, 2025
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands High
CVE-2025-66623 was published for io.strimzi:strimzi (Maven) Dec 5, 2025
scholzj ppatierno
im-konge
Credited to scholzj, ppatierno, and im-konge
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in... High Unreviewed
CVE-2025-66644 was published Dec 5, 2025
Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction... High Unreviewed
CVE-2025-46603 was published Dec 5, 2025
yawkat LZ4 Java has a possible information leak in Java safe decompressor High
CVE-2025-66566 was published for at.yawk.lz4:lz4-java (Maven) Dec 5, 2025
simonresch
Credited to simonresch
Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data... High Unreviewed
CVE-2020-36880 was published Dec 5, 2025
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command... High Unreviewed
CVE-2020-36882 was published Dec 5, 2025
Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory'... High Unreviewed
CVE-2020-36881 was published Dec 5, 2025
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2... High Unreviewed
CVE-2020-36876 was published Dec 5, 2025
Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any... High Unreviewed
CVE-2020-36879 was published Dec 5, 2025
ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability... High Unreviewed
CVE-2020-36878 was published Dec 5, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5,... High Unreviewed
CVE-2024-9183 was published Dec 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database