GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,942
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,563 advisories
When a user logs in via SAP Business One native client, the SLD backend service fails to enforce...
Severity: High | Unreviewed | CVE-2025-42933 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could...
Severity: High | Unreviewed | CVE-2025-42916 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could...
Severity: High | Unreviewed | CVE-2025-42929 was published Sep 9, 2025
JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a...
Severity: High | Unreviewed | CVE-2025-40930 was published Sep 8, 2025
The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to...
Severity: High | Unreviewed | CVE-2025-8085 was published Sep 8, 2025
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an...
Severity: High | Unreviewed | CVE-2021-37150 was published Aug 11, 2022
JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when...
Severity: High | Unreviewed | CVE-2025-40928 was published Sep 8, 2025
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue....
Severity: High | Unreviewed | CVE-2024-8957 was published Sep 17, 2024
Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build.c, the...
Severity: High | Unreviewed | CVE-2025-52288 was published Sep 8, 2025
An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4...
Severity: High | Unreviewed | CVE-2025-52389 was published Sep 8, 2025
WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and...
Severity: High | Unreviewed | CVE-2025-55849 was published Sep 8, 2025
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file...
Severity: High | Unreviewed | CVE-2025-9112 was published Sep 8, 2025
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject...
Severity: High | Unreviewed | CVE-2025-45805 was published Sep 8, 2025
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due...
Severity: High | Unreviewed | CVE-2025-52494 was published Sep 8, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could...
Severity: High | Unreviewed | CVE-2025-49214 was published Jun 17, 2025
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local...
Severity: High | Unreviewed | CVE-2025-56803 was published Sep 8, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could...
Severity: High | Unreviewed | CVE-2025-49215 was published Jun 17, 2025
In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to...
Severity: High | Unreviewed | CVE-2022-20356 was published Aug 11, 2022
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to...
Severity: High | Unreviewed | CVE-2024-56189 was published Sep 4, 2025
The MOD3 command traffic between the monitoring application and the inverter is transmitted in...
Severity: High | Unreviewed | CVE-2025-52586 was published Aug 8, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect. This issue affects...
Severity: High | Unreviewed | CVE-2025-7677 was published Aug 11, 2025
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that...
Severity: High | Unreviewed | CVE-2021-22825 was published Jan 29, 2022
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a...
Severity: High | Unreviewed | CVE-2025-55998 was published Sep 8, 2025
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The...
Severity: High | Unreviewed | CVE-2025-57147 was published Sep 3, 2025
A vulnerability (CVE-2025-21176, https://www.cve.org/CVERecord) exists in DiaSymReader.dll due...
Severity: High | Unreviewed | CVE-2025-36855 was published Sep 8, 2025
ProTip! Advisories are also available from the GraphQL API.