GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
64 advisories
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The...
High
Unreviewed
CVE-2024-32011 was published Nov 11, 2025
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that...
High
Unreviewed
CVE-2021-41841 was published Feb 10, 2022
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the...
High
Unreviewed
CVE-2021-33626 was published May 24, 2022
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co....
High
Unreviewed
CVE-2025-41390 was published Oct 20, 2025
On a client with an admin user, a Global_Shipping script can be implemented. The script could...
High
Unreviewed
CVE-2025-12509 was published Oct 31, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11...
High
Unreviewed
CVE-2025-36355 was published Oct 6, 2025
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link...
High
Unreviewed
CVE-2023-49134 was published Apr 9, 2024
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link...
High
Unreviewed
CVE-2023-49133 was published Apr 9, 2024
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin...
High
Unreviewed
CVE-2025-8714 was published Aug 14, 2025
Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp. This issue...
High
Unreviewed
CVE-2025-36727 was published Jul 25, 2025
The Secure Password extension in One Identity Password Manager before 5.14.4 allows local...
High
Unreviewed
CVE-2025-27582 was published Jul 14, 2025
mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by...
High
Unreviewed
CVE-2025-49809 was published Jul 4, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2025-39507 was published May 16, 2025
A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated,...
High
Unreviewed
CVE-2025-20236 was published Apr 16, 2025
An iframe that was not permitted to run scripts could do so if the user clicked on a <code...
High
Unreviewed
CVE-2022-34468 was published Dec 22, 2022
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B...
High
Unreviewed
CVE-2024-45482 was published Mar 25, 2025
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin...
High
Unreviewed
CVE-2024-13353 was published Feb 21, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-53800 was published Jan 7, 2025
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration (ZCS) 9.0 and 10.0 and...
High
Unreviewed
CVE-2024-54663 was published Dec 20, 2024
The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does...
High
Unreviewed
CVE-2024-48336 was published Nov 4, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-50497 was published Oct 28, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-49243 was published Oct 18, 2024
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component...
High
Unreviewed
CVE-2022-49038 was published Sep 26, 2024
The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init...
High
Unreviewed
CVE-2024-45416 was published Sep 16, 2024
Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server...
High
Unreviewed
CVE-2024-43690 was published Sep 11, 2024
ProTip! Advisories are also available from the GraphQL API.