GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,264
Composer 4,811
Erlang 36
GitHub Actions 32
Go 2,396
Maven 5,780
npm 4,033
NuGet 721
pip 3,824
Pub 12
RubyGems 932
Rust 988
Swift 38

Unreviewed advisories

All unreviewed 263,890

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,984 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Melapress Login Security plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed

CVE-2025-6895 was published Jul 26, 2025

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a... Critical Unreviewed

CVE-2024-41783 was published Jan 19, 2025

A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience... Critical Unreviewed

CVE-2025-34138 was published Jul 25, 2025

An issue in Gardyn 4 allows a remote attacker execute arbitrary code Critical Unreviewed

CVE-2025-29631 was published Jul 25, 2025

An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without... Critical Unreviewed

CVE-2025-30135 was published Jul 25, 2025

Cross Site Scripting vulnerability in grav v.1.7.48 and before allows an attacker to execute... Critical Unreviewed

CVE-2025-46199 was published Jul 25, 2025

An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier.... Critical Unreviewed

CVE-2014-125115 was published Jul 25, 2025

A remote code execution vulnerability exists in HybridAuth versions 2.0.9 through 2.2.2 due to... Critical Unreviewed

CVE-2014-125116 was published Jul 25, 2025

A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The... Critical Unreviewed

CVE-2014-125118 was published Jul 25, 2025

A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices... Critical Unreviewed

CVE-2014-125117 was published Jul 25, 2025

An unauthenticated attacker who knows the target device's serial number, can generate the default... Critical Unreviewed

CVE-2024-51978 was published Jun 26, 2025

An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows... Critical Unreviewed

CVE-2025-45777 was published Jul 25, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-4784 was published Jul 25, 2025

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used... Critical Unreviewed

CVE-2025-5243 was published Jul 25, 2025

The ONLYOFFICE Docs plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed

CVE-2025-6380 was published Jul 25, 2025

The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |... Critical Unreviewed

CVE-2025-6441 was published Jul 25, 2025

The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed

CVE-2025-7437 was published Jul 25, 2025

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed

CVE-2025-7852 was published Jul 25, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-4822 was published Jul 25, 2025

The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions... Critical Unreviewed

CVE-2019-25224 was published Jul 25, 2025

The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead... Critical Unreviewed

CVE-2015-10143 was published Jul 25, 2025

Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL. Critical Unreviewed

CVE-2025-53867 was published Jul 17, 2025

The embedded web server on the thermostat listed version ranges contain a vulnerability that... Critical Unreviewed

CVE-2025-6260 was published Jul 24, 2025

In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possible outcof bounds write due... Critical Unreviewed

CVE-2024-47038 was published Dec 18, 2024

There is a possible UAF due to a logic error in the code. This could lead to local escalation of... Critical Unreviewed

CVE-2024-47040 was published Dec 18, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,984 advisories