GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,448 advisories
Filter by severity
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image...
Critical
Unreviewed
CVE-2025-58819
was published
Sep 5, 2025
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore...
Critical
Unreviewed
CVE-2025-53690
was published
Sep 5, 2025
Azure Networking Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-54914
was published
Sep 5, 2025
Azure Entra Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-55241
was published
Sep 5, 2025
Azure Bot Service Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-55244
was published
Sep 5, 2025
In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates...
Critical
Unreviewed
CVE-2025-48581
was published
Sep 4, 2025
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL...
Critical
Unreviewed
CVE-2025-7385
was published
Sep 4, 2025
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing...
Critical
Unreviewed
CVE-2025-36897
was published
Sep 4, 2025
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer...
Critical
Unreviewed
CVE-2025-57052
was published
Sep 3, 2025
An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker...
Critical
Unreviewed
CVE-2025-26210
was published
Sep 3, 2025
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability...
Critical
Unreviewed
CVE-2025-53693
was published
Sep 3, 2025
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability...
Critical
Unreviewed
CVE-2025-9276
was published
Sep 2, 2025
rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path.
Critical
Unreviewed
CVE-2025-57140
was published
Sep 2, 2025
In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This...
Critical
Unreviewed
CVE-2022-38692
was published
Sep 2, 2025
In FDL1, there is a possible missing payload size check. This could lead to memory buffer...
Critical
Unreviewed
CVE-2022-38693
was published
Sep 2, 2025
In BootRom, there's a possible missing payload size check. This could lead to memory buffer...
Critical
Unreviewed
CVE-2022-38696
was published
Sep 2, 2025
Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects...
Critical
Unreviewed
CVE-2024-32832
was published
Aug 31, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management...
Critical
Unreviewed
CVE-2025-31100
was published
Aug 31, 2025
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ...
Critical
Unreviewed
CVE-2024-46484
was published
Aug 29, 2025
An improper authentication vulnerability has been reported to affect VioStor. If a remote...
Critical
Unreviewed
CVE-2025-52856
was published
Aug 29, 2025
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2025-44033
was published
Aug 29, 2025
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated...
Critical
Unreviewed
CVE-2025-8861
was published
Aug 29, 2025
ProTip!
Advisories are also available from the
GraphQL API