Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41525 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in... Critical Unreviewed
CVE-2023-41526 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41527 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41530 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in... Critical Unreviewed
CVE-2023-41528 was published Aug 7, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34148 was published Aug 7, 2025
A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model... Critical Unreviewed
CVE-2025-34149 was published Aug 7, 2025
The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02... Critical Unreviewed
CVE-2025-34150 was published Aug 7, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34152 was published Aug 7, 2025
A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on... Critical Unreviewed
CVE-2025-34151 was published Aug 7, 2025
Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed
CVE-2025-7768 was published Aug 6, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either... Critical Unreviewed
CVE-2025-30127 was published Aug 6, 2025
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker... Critical Unreviewed
CVE-2025-23317 was published Aug 6, 2025
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack... Critical Unreviewed
CVE-2025-23311 was published Aug 6, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... Critical Unreviewed
CVE-2025-23310 was published Aug 6, 2025
CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow... Critical Unreviewed
CVE-2025-22470 was published Aug 6, 2025
The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2025-6994 was published Aug 6, 2025
FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote... Critical Unreviewed
CVE-2012-10030 was published Aug 5, 2025
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System... Critical Unreviewed
CVE-2014-125113 was published Aug 5, 2025
The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev... Critical Unreviewed
CVE-2013-10069 was published Aug 5, 2025
Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack... Critical Unreviewed
CVE-2013-10068 was published Aug 5, 2025
The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary... Critical Unreviewed
CVE-2012-10026 was published Aug 5, 2025
Narcissus is vulnerable to remote code execution via improper input handling in its image... Critical Unreviewed
CVE-2012-10033 was published Aug 5, 2025
Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the... Critical Unreviewed
CVE-2012-10035 was published Aug 5, 2025
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The... Critical Unreviewed
CVE-2013-10066 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database