GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 22
Go: 2,095
Maven: 5,000+
npm: 3,762
NuGet: 678
pip: 3,447
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,236 advisories
DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGI interface...
Critical
Unreviewed
CVE-2024-57595
was published
Jan 27, 2025
Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access...
Critical
Unreviewed
CVE-2023-30765
was published
Jul 10, 2023
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session...
Critical
Unreviewed
CVE-2018-7445
was published
May 14, 2022
PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability.
Critical
Unreviewed
CVE-2022-47129
was published
May 11, 2023
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which...
Critical
Unreviewed
CVE-2021-46760
was published
May 9, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)...
Critical
Unreviewed
CVE-2024-56012
was published
Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection....
Critical
Unreviewed
CVE-2025-24601
was published
Jan 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-24612
was published
Jan 27, 2025
Deserialization of Untrusted Data vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows...
Critical
Unreviewed
CVE-2025-24671
was published
Jan 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-24667
was published
Jan 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-24664
was published
Jan 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-24665
was published
Jan 27, 2025
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient...
Critical
Unreviewed
CVE-2025-0357
was published
Jan 25, 2025
A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The...
Critical
Unreviewed
CVE-2024-57328
was published
Jan 24, 2025
An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9,...
Critical
Unreviewed
CVE-2024-55573
was published
Jan 24, 2025
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical
Unreviewed
CVE-2024-12857
was published
Jan 22, 2025
An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x...
Critical
Unreviewed
CVE-2024-53923
was published
Jan 24, 2025
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could...
Critical
Unreviewed
CVE-2024-11053
was published
Dec 11, 2024
SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion...
Critical
Unreviewed
CVE-2023-30330
was published
May 23, 2023
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration...
Critical
Unreviewed
CVE-2023-27823
was published
May 12, 2023
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of...
Critical
Unreviewed
CVE-2024-4223
was published
May 16, 2024
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it...
Critical
Unreviewed
CVE-2024-29006
was published
Apr 4, 2024
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows...
Critical
Unreviewed
CVE-2021-32030
was published
May 24, 2022
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a...
Critical
Unreviewed
CVE-2025-24650
was published
Jan 24, 2025
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR)...
Critical
Unreviewed
CVE-2024-56404
was published
Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API.