Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,449 advisories

Loading
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-8861 was published Aug 29, 2025
Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed
CVE-2025-8857 was published Aug 29, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows... Critical Unreviewed
CVE-2025-54725 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54720 was published Aug 28, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster... Critical Unreviewed
CVE-2025-54738 was published Aug 28, 2025
D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command... Critical Unreviewed
CVE-2025-55583 was published Aug 28, 2025
Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin allows... Critical Unreviewed
CVE-2025-49388 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in manfcarlo WP Funnel Manager allows Object... Critical Unreviewed
CVE-2025-52761 was published Aug 28, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File... Critical Unreviewed
CVE-2025-49387 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39496 was published Aug 28, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy... Critical Unreviewed
CVE-2025-48100 was published Aug 28, 2025
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed
CVE-2025-53970 was published Aug 28, 2025
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated... Critical Unreviewed
CVE-2025-54762 was published Aug 28, 2025
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed
CVE-2025-7955 was published Aug 28, 2025
A heap-based buffer overflow vulnerability exists in the exists in the network-facing input... Critical Unreviewed
CVE-2025-34523 was published Aug 28, 2025
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified... Critical Unreviewed
CVE-2025-34522 was published Aug 28, 2025
Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile... Critical Unreviewed
CVE-2025-34163 was published Aug 28, 2025
AnyShare contains a critical unauthenticated remote code execution vulnerability in the... Critical Unreviewed
CVE-2025-34160 was published Aug 28, 2025
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que... Critical Unreviewed
CVE-2025-34162 was published Aug 28, 2025
QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path... Critical Unreviewed
CVE-2024-13984 was published Aug 28, 2025
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated... Critical Unreviewed
CVE-2024-13985 was published Aug 28, 2025
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR... Critical Unreviewed
CVE-2018-25115 was published Aug 28, 2025
H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote... Critical Unreviewed
CVE-2024-13980 was published Aug 28, 2025
LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co.... Critical Unreviewed
CVE-2024-13981 was published Aug 28, 2025
A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform ... Critical Unreviewed
CVE-2023-7309 was published Aug 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database