GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,671
Composer 5,012
Erlang 39
GitHub Actions 38
Go 2,655
Maven 6,111
npm 4,284
NuGet 760
pip 4,067
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,381

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,985 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in... Critical Unreviewed

CVE-2024-44659 was published Nov 17, 2025

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default... Critical Unreviewed

CVE-2025-63747 was published Nov 17, 2025

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-13284 was published Nov 17, 2025

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the... Critical Unreviewed

CVE-2025-9501 was published Nov 17, 2025

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no... Critical Unreviewed

CVE-2025-10460 was published Nov 17, 2025

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd... Critical Unreviewed

CVE-2021-4470 was published Nov 15, 2025

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded... Critical Unreviewed

CVE-2025-58083 was published Nov 15, 2025

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code... Critical Unreviewed

CVE-2024-28988 was published Nov 15, 2025

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54339 was published Nov 14, 2025

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54343 was published Nov 14, 2025

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0... Critical Unreviewed

CVE-2025-64446 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments... Critical Unreviewed

CVE-2025-36096 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow... Critical Unreviewed

CVE-2025-36251 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service ... Critical Unreviewed

CVE-2025-36250 was published Nov 14, 2025

An authentication bypass vulnerability has been identified in certain DSL series routers, may... Critical Unreviewed

CVE-2025-59367 was published Nov 13, 2025

FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602... Critical Unreviewed

CVE-2021-4464 was published Nov 13, 2025

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control... Critical Unreviewed

CVE-2025-46608 was published Nov 12, 2025

free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an... Critical Unreviewed

CVE-2025-63679 was published Nov 12, 2025

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0... Critical Unreviewed

CVE-2025-56385 was published Nov 12, 2025

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to... Critical Unreviewed

CVE-2025-63289 was published Nov 12, 2025

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi... Critical Unreviewed

CVE-2025-63353 was published Nov 12, 2025

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed

CVE-2025-64280 was published Nov 12, 2025

N-central < 2025.4 is vulnerable to authentication bypass via path traversal Critical Unreviewed

CVE-2025-11366 was published Nov 12, 2025

The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization Critical Unreviewed

CVE-2025-11367 was published Nov 12, 2025

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed

CVE-2025-64281 was published Nov 12, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,985 advisories