Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,455 advisories

Loading
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8... Critical Unreviewed
CVE-2024-45438 was published Aug 21, 2025
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-52395 was published Aug 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a... Critical Unreviewed
CVE-2025-53251 was published Aug 21, 2025
Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified... Critical Unreviewed
CVE-2025-34158 was published Aug 21, 2025
The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed
CVE-2025-8895 was published Aug 21, 2025
A malicious client can bypass the client certificate trust check of an opc.https server when the... Critical Unreviewed
CVE-2025-7390 was published Aug 21, 2025
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro... Critical Unreviewed
CVE-2025-27214 was published Aug 21, 2025
A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with... Critical Unreviewed
CVE-2025-27217 was published Aug 21, 2025
Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a... Critical Unreviewed
CVE-2025-24285 was published Aug 21, 2025
Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57155 was published Aug 20, 2025
Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-57154 was published Aug 20, 2025
AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed
CVE-2025-8611 was published Aug 20, 2025
AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed
CVE-2025-8610 was published Aug 20, 2025
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function Critical Unreviewed
CVE-2024-50640 was published Aug 20, 2025
JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication... Critical Unreviewed
CVE-2025-50901 was published Aug 20, 2025
There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025... Critical Unreviewed
CVE-2025-50904 was published Aug 20, 2025
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser.... Critical Unreviewed
CVE-2010-20049 was published Aug 20, 2025
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed
CVE-2011-10026 was published Aug 20, 2025
A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed... Critical Unreviewed
CVE-2010-20103 was published Aug 20, 2025
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in... Critical Unreviewed
CVE-2010-20059 was published Aug 20, 2025
Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57157 was published Aug 20, 2025
A vulnerability was identified in Docker Desktop that allows local running Linux containers to... Critical Unreviewed
CVE-2025-9074 was published Aug 20, 2025
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda... Critical Unreviewed
CVE-2025-27129 was published Aug 20, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi... Critical Unreviewed
CVE-2025-54713 was published Aug 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54048 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database