Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,600 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22593 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bozdoz Quote Tweet allows Stored XSS.This... High Unreviewed
CVE-2025-22589 was published Jan 7, 2025
An attacker who successfully exploited these vulnerabilities could cause enable command execution... High Unreviewed
CVE-2024-12430 was published Jan 7, 2025
An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to... High Unreviewed
CVE-2024-55411 was published Jan 7, 2025
A vulnerability exits in driver snxppamd.sys in SUNIX Parallel Driver x64 - 10.1.0.0, which... High Unreviewed
CVE-2024-55413 was published Jan 7, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client... High Unreviewed
CVE-2024-54007 was published Jan 7, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client... High Unreviewed
CVE-2024-54006 was published Jan 7, 2025
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This... High Unreviewed
CVE-2024-8361 was published Jan 7, 2025
Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Accessing... High Unreviewed
CVE-2025-22592 was published Jan 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22536 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22547 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate... High Unreviewed
CVE-2025-22552 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22548 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross... High Unreviewed
CVE-2025-22557 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows... High Unreviewed
CVE-2025-22556 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mario Mansour and Geoff Peters TubePress.NET... High Unreviewed
CVE-2025-22559 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode... High Unreviewed
CVE-2025-22555 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Instabot Instabot allows Cross Site Request... High Unreviewed
CVE-2025-22571 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Scott Nellé Uptime Robot allows Stored XSS... High Unreviewed
CVE-2025-22582 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Prayer Times Anywhere allows Stored... High Unreviewed
CVE-2025-22590 was published Jan 7, 2025
Lack of output escaping in the id attribute of menu lists. High Unreviewed
CVE-2024-40748 was published Jan 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22502 was published Jan 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22507 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22522 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request... High Unreviewed
CVE-2025-22520 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database