GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,766
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,489
Maven 5,913
npm 4,106
NuGet 735
pip 3,928
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,573

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,421 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Critical Unreviewed

CVE-2025-54236 was published Sep 9, 2025

A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect... Critical Unreviewed

CVE-2025-10183 was published Sep 9, 2025

A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions... Critical Unreviewed

CVE-2025-40804 was published Sep 9, 2025

The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-10134 was published Sep 9, 2025

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... Critical Unreviewed

CVE-2025-40795 was published Sep 9, 2025

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the... Critical Unreviewed

CVE-2025-42958 was published Sep 9, 2025

SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw... Critical Unreviewed

CVE-2025-42922 was published Sep 9, 2025

Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could... Critical Unreviewed

CVE-2025-42944 was published Sep 9, 2025

The Doccure theme for WordPress is vulnerable to Arbitrary User Password Change in versions up to... Critical Unreviewed

CVE-2025-9114 was published Sep 8, 2025

The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed

CVE-2025-9113 was published Sep 8, 2025

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute... Critical Unreviewed

CVE-2025-56266 was published Sep 8, 2025

A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows... Critical Unreviewed

CVE-2025-56267 was published Sep 8, 2025

codeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib... Critical Unreviewed

CVE-2025-57285 was published Sep 8, 2025

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc. Critical Unreviewed

CVE-2025-57141 was published Sep 8, 2025

Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross... Critical Unreviewed

CVE-2025-52161 was published Sep 8, 2025

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control... Critical Unreviewed

CVE-2025-59033 was published Sep 8, 2025

Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1... Critical Unreviewed

CVE-2023-21467 was published Sep 8, 2025

ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal.... Critical Unreviewed

CVE-2025-5993 was published Sep 8, 2025

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed

CVE-2025-8359 was published Sep 6, 2025

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default... Critical Unreviewed

CVE-2025-35451 was published Sep 5, 2025

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials... Critical Unreviewed

CVE-2025-35452 was published Sep 5, 2025

Deserialization of Untrusted Data vulnerability in ExpressTech Systems Quiz And Survey Master... Critical Unreviewed

CVE-2025-49401 was published Sep 5, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-58628 was published Sep 5, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image... Critical Unreviewed

CVE-2025-58819 was published Sep 5, 2025

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore... Critical Unreviewed

CVE-2025-53690 was published Sep 5, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,421 advisories