GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
26,865 advisories
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code...
CVE-2025-52385 (Critical, Unreviewed) was published Aug 13, 2025
An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings...
CVE-2025-50594 (Critical, Unreviewed) was published Aug 13, 2025
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific...
CVE-2025-51451 (Critical, Unreviewed) was published Aug 13, 2025
Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to...
CVE-2025-34153 (Critical, Unreviewed) was published Aug 13, 2025
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a...
CVE-2025-51452 (Critical, Unreviewed) was published Aug 13, 2025
Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password...
CVE-2025-50251 (Critical, Unreviewed) was published Aug 13, 2025
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability,...
CVE-2025-8913 (Critical, Unreviewed) was published Aug 13, 2025
A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function...
CVE-2025-8760 (Critical, Unreviewed) was published Aug 13, 2025
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to...
CVE-2025-7384 (Critical, Unreviewed) was published Aug 13, 2025
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the...
CVE-2025-6715 (Critical, Unreviewed) was published Aug 13, 2025
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to...
CVE-2025-49457 (Critical, Unreviewed) was published Aug 13, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')...
CVE-2025-25256 (Critical, Unreviewed) was published Aug 12, 2025
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a...
CVE-2025-53766 (Critical, Unreviewed) was published Aug 12, 2025
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to...
CVE-2025-50165 (Critical, Unreviewed) was published Aug 12, 2025
Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform...
CVE-2025-50171 (Critical, Unreviewed) was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet...
CVE-2025-24325 (Critical, Unreviewed) was published Aug 12, 2025
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2)....
CVE-2025-40746 (Critical, Unreviewed) was published Aug 12, 2025
The B Blocks plugin for WordPress is vulnerable to Privilege Escalation due to missing...
CVE-2025-8059 (Critical, Unreviewed) was published Aug 12, 2025
SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a...
CVE-2025-42950 (Critical, Unreviewed) was published Aug 12, 2025
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function...
CVE-2025-42957 (Critical, Unreviewed) was published Aug 12, 2025
ModelCache for LLM through v0.2.0 was discovered to contain a deserialization vulnerability via...
CVE-2025-45146 (Critical, Unreviewed) was published Aug 11, 2025
ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2...
CVE-2012-10039 (Critical, Unreviewed) was published Aug 11, 2025
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device...
CVE-2012-10040 (Critical, Unreviewed) was published Aug 11, 2025
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in...
CVE-2012-10038 (Critical, Unreviewed) was published Aug 11, 2025
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez...
CVE-2012-10037 (Critical, Unreviewed) was published Aug 11, 2025