GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,104

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,609 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged... Moderate Unreviewed

CVE-2025-21036 was published Sep 9, 2025

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to... Moderate Unreviewed

CVE-2025-21037 was published Sep 9, 2025

Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local... Moderate Unreviewed

CVE-2023-21483 was published Sep 9, 2025

Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG uploads. When a user views... Moderate Unreviewed

CVE-2025-55944 was published Sep 9, 2025

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1... Moderate Unreviewed

CVE-2025-56498 was published Sep 9, 2025

A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Impacted is an unknown... Moderate Unreviewed

CVE-2025-10107 was published Sep 9, 2025

A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by... Moderate Unreviewed

CVE-2025-47416 was published Sep 9, 2025

A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed

CVE-2025-53609 was published Sep 9, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed

CVE-2024-45325 was published Sep 9, 2025

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle... Moderate Unreviewed

CVE-2025-10095 was published Sep 9, 2025

A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS... Moderate Unreviewed

CVE-2025-40594 was published Sep 9, 2025

A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... Moderate Unreviewed

CVE-2025-40757 was published Sep 9, 2025

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... Moderate Unreviewed

CVE-2025-9542 was published Sep 9, 2025

The Wilmer Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed

CVE-2025-9061 was published Sep 9, 2025

The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of... Moderate Unreviewed

CVE-2025-9111 was published Sep 9, 2025

The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed

CVE-2025-9058 was published Sep 9, 2025

The Compress & Upload WordPress plugin before 1.0.5 does not properly validate uploaded files,... Moderate Unreviewed

CVE-2025-8889 was published Sep 9, 2025

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2025-9489 was published Sep 9, 2025

A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file... Moderate Unreviewed

CVE-2025-10122 was published Sep 9, 2025

Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated... Moderate Unreviewed

CVE-2025-42923 was published Sep 9, 2025

Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP... Moderate Unreviewed

CVE-2025-42925 was published Sep 9, 2025

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is... Moderate Unreviewed

CVE-2025-10123 was published Sep 9, 2025

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker... Moderate Unreviewed

CVE-2025-42926 was published Sep 9, 2025

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an... Moderate Unreviewed

CVE-2025-42938 was published Sep 9, 2025

SAP Business Planning and Consolidation allows an authenticated standard user to call a function... Moderate Unreviewed

CVE-2025-42930 was published Sep 9, 2025

Previous 1…11…400 Next

Previous 1 2 … 9 10 11 12 13 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126,609 advisories