GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,147

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,868 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code... Critical Unreviewed

CVE-2025-6811 was published Jul 7, 2025

Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution... Critical Unreviewed

CVE-2025-6802 was published Jul 7, 2025

Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and... Critical Unreviewed

CVE-2025-6793 was published Jul 7, 2025

Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution... Critical Unreviewed

CVE-2025-6810 was published Jul 7, 2025

Hashview 0.8.1 allows account takeover via the password reset feature because SERVER_NAME is not... Critical Unreviewed

CVE-2025-43930 was published Jul 7, 2025

lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An... Critical Unreviewed

CVE-2025-4779 was published Jul 7, 2025

A remote attacker with administrator account can gain full control of the device due to improper... Critical Unreviewed

CVE-2025-3626 was published Jul 7, 2025

langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node,... Critical Unreviewed

CVE-2025-3466 was published Jul 7, 2025

A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain... Critical Unreviewed

CVE-2025-41672 was published Jul 7, 2025

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this... Critical Unreviewed

CVE-2025-48501 was published Jul 7, 2025

Remote attackers can execute arbitrary code in the context of the vulnerable service process. Critical Unreviewed

CVE-2025-5333 was published Jul 6, 2025

The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1... Critical Unreviewed

CVE-2025-26850 was published Jul 5, 2025

User-controlled inputs are improperly escaped in: * VotePage.php (poll option input) ... Critical Unreviewed

CVE-2025-53484 was published Jul 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-52833 was published Jul 4, 2025

Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed

CVE-2025-49867 was published Jul 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-52832 was published Jul 4, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy... Critical Unreviewed

CVE-2025-49302 was published Jul 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-52830 was published Jul 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-52831 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows... Critical Unreviewed

CVE-2025-30933 was published Jul 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-28983 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows... Critical Unreviewed

CVE-2025-49414 was published Jul 4, 2025

Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi... Critical Unreviewed

CVE-2025-49417 was published Jul 4, 2025

Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege... Critical Unreviewed

CVE-2025-23970 was published Jul 4, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed

CVE-2025-28951 was published Jul 4, 2025

Previous 1…31…400 Next

Previous 1 2 … 29 30 31 32 33 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,868 advisories