GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,816
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,920
npm 4,119
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,962

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,440 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-39496 was published Aug 28, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy... Critical Unreviewed

CVE-2025-48100 was published Aug 28, 2025

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed

CVE-2025-53970 was published Aug 28, 2025

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed

CVE-2025-54762 was published Aug 28, 2025

The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed

CVE-2025-7955 was published Aug 28, 2025

A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified... Critical Unreviewed

CVE-2025-34522 was published Aug 28, 2025

A heap-based buffer overflow vulnerability exists in the exists in the network-facing input... Critical Unreviewed

CVE-2025-34523 was published Aug 28, 2025

Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile... Critical Unreviewed

CVE-2025-34163 was published Aug 28, 2025

AnyShare contains a critical unauthenticated remote code execution vulnerability in the... Critical Unreviewed

CVE-2025-34160 was published Aug 28, 2025

An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que... Critical Unreviewed

CVE-2025-34162 was published Aug 28, 2025

QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path... Critical Unreviewed

CVE-2024-13984 was published Aug 28, 2025

A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated... Critical Unreviewed

CVE-2024-13985 was published Aug 28, 2025

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR... Critical Unreviewed

CVE-2018-25115 was published Aug 28, 2025

H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote... Critical Unreviewed

CVE-2024-13980 was published Aug 28, 2025

LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co.... Critical Unreviewed

CVE-2024-13981 was published Aug 28, 2025

A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform ... Critical Unreviewed

CVE-2023-7309 was published Aug 28, 2025

A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows... Critical Unreviewed

CVE-2024-13979 was published Aug 28, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS)... Critical Unreviewed

CVE-2025-34157 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34161 was published Aug 27, 2025

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the... Critical Unreviewed

CVE-2025-50428 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34159 was published Aug 27, 2025

Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure... Critical Unreviewed

CVE-2025-43728 was published Aug 27, 2025

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute... Critical Unreviewed

CVE-2025-50972 was published Aug 27, 2025

In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command... Critical Unreviewed

CVE-2025-30057 was published Aug 27, 2025

The configuration file containing database logins and passwords is readable by any local user. Critical Unreviewed

CVE-2025-30063 was published Aug 27, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,440 advisories