GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,908
Erlang: 39
GitHub Actions: 38
Go: 2,568
Maven: 5,000+
npm: 4,240
NuGet: 754
pip: 4,004
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
273,818 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Low | Unreviewed | CVE-2025-62655 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-62653 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-62654 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-62652 was published Oct 18, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client...
Moderate | Unreviewed | CVE-2025-62649 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client...
High | Unreviewed | CVE-2025-62650 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote...
Moderate | Unreviewed | CVE-2025-62646 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not...
Moderate | Unreviewed | CVE-2025-62651 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the...
Moderate | Unreviewed | CVE-2025-62647 was published Oct 17, 2025

A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in...
Unknown | Unreviewed | CVE-2025-56316 was published Oct 17, 2025

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this...
Moderate | Unreviewed | CVE-2025-11914 was published Oct 17, 2025

A vulnerability has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by...
Moderate | Unreviewed | CVE-2025-11913 was published Oct 17, 2025

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary...
Unknown | Unreviewed | CVE-2025-56218 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote...
Critical | Unreviewed | CVE-2025-62645 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global...
Moderate | Unreviewed | CVE-2025-62644 was published Oct 17, 2025

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the...
Moderate | Unreviewed | CVE-2025-11912 was published Oct 17, 2025

Incorrect Content-Type header in one of the APIs (`text/html` instead of `application/json`)...
Critical | Unreviewed | CVE-2025-11925 was published Oct 17, 2025

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. This impacts...
Moderate | Unreviewed | CVE-2025-11911 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote...
Moderate | Unreviewed | CVE-2025-62648 was published Oct 17, 2025

A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass...
Critical | Unreviewed | CVE-2025-56221 was published Oct 17, 2025

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS)...
Unknown | Unreviewed | CVE-2025-56320 was published Oct 17, 2025

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40....
Moderate | Unreviewed | CVE-2025-11910 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits...
Low | Unreviewed | CVE-2025-62643 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone...
Moderate | Unreviewed | CVE-2025-62642 was published Oct 17, 2025

ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the...
Moderate | Unreviewed | CVE-2025-34282 was published Oct 17, 2025
ProTip! Advisories are also available from the GraphQL API.