Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-57154 was published Aug 20, 2025
Directus allows unauthenticated file upload and file modification due to lacking input sanitization Critical
CVE-2025-55746 was published for @directus/api (npm) Aug 20, 2025
r4bbit-r4
AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed
CVE-2025-8611 was published Aug 20, 2025
AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed
CVE-2025-8610 was published Aug 20, 2025
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function Critical Unreviewed
CVE-2024-50640 was published Aug 20, 2025
JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication... Critical Unreviewed
CVE-2025-50901 was published Aug 20, 2025
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025... Critical Unreviewed
CVE-2025-50904 was published Aug 20, 2025
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed
CVE-2011-10026 was published Aug 20, 2025
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser.... Critical Unreviewed
CVE-2010-20049 was published Aug 20, 2025
A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed... Critical Unreviewed
CVE-2010-20103 was published Aug 20, 2025
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in... Critical Unreviewed
CVE-2010-20059 was published Aug 20, 2025
Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57157 was published Aug 20, 2025
A vulnerability was identified in Docker Desktop that allows local running Linux containers to... Critical Unreviewed
CVE-2025-9074 was published Aug 20, 2025
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda... Critical Unreviewed
CVE-2025-27129 was published Aug 20, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi... Critical Unreviewed
CVE-2025-54713 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical... Critical Unreviewed
CVE-2025-54014 was published Aug 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54048 was published Aug 20, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking &... Critical Unreviewed
CVE-2025-54677 was published Aug 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54726 was published Aug 20, 2025
Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege... Critical Unreviewed
CVE-2025-54049 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed
CVE-2025-53577 was published Aug 20, 2025
Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content... Critical Unreviewed
CVE-2025-53299 was published Aug 20, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ReachShip... Critical Unreviewed
CVE-2025-53213 was published Aug 20, 2025
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed
CVE-2025-53580 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross... Critical Unreviewed
CVE-2025-49381 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database