Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,754 advisories

Filter by severity
All severities
Low
Moderate
High
Critical
Loading
The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for... Critical Unreviewed
CVE-2025-65823 was published Dec 10, 2025
Due to a lack of certificate validation, all traffic from the mobile application can be... Critical Unreviewed
CVE-2025-65830 was published Dec 10, 2025
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can... Critical Unreviewed
CVE-2025-65820 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that... Critical Unreviewed
CVE-2020-36894 was published Dec 10, 2025
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient... Critical Unreviewed
CVE-2020-36885 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation... Critical Unreviewed
CVE-2020-36892 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated remote code execution... Critical Unreviewed
CVE-2020-36897 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that... Critical Unreviewed
CVE-2020-36902 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64537 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64538 was published Dec 10, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site... Critical Unreviewed
CVE-2025-64539 was published Dec 10, 2025
A malicious actor can access camera configuration information, including account credentials,... Critical Unreviewed
CVE-2025-13607 was published Dec 10, 2025
DataGear v5.5.0 is vulnerable to Arbitrary File Deletion. Critical Unreviewed
CVE-2025-65792 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34392 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does... Critical Unreviewed
CVE-2025-34393 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... Critical Unreviewed
CVE-2025-34394 was published Dec 10, 2025
Ibexa User Bundle is missing password change validation Critical
CVE-2025-67719 was published for ibexa/user (Composer) Dec 10, 2025
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root... Critical Unreviewed
CVE-2025-13184 was published Dec 10, 2025
Bypass vulnerability in the authentication method in the GTT Tax Information System application,... Critical Unreviewed
CVE-2025-13953 was published Dec 10, 2025
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478... Critical Unreviewed
CVE-2025-13955 was published Dec 10, 2025
Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers... Critical Unreviewed
CVE-2025-13954 was published Dec 10, 2025
The Elated Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions... Critical Unreviewed
CVE-2025-13613 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input... Critical Unreviewed
CVE-2025-61809 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload... Critical Unreviewed
CVE-2025-61808 was published Dec 10, 2025
Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool Critical
CVE-2025-67511 was published for cai-framework (pip) Dec 9, 2025
edoardottt
Credited to edoardottt
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database