GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,762
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,489
Maven 5,912
npm 4,105
NuGet 735
pip 3,927
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,551

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,058 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed

CVE-2025-9539 was published Sep 9, 2025

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed

CVE-2025-40796 was published Sep 9, 2025

An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a... High Unreviewed

CVE-2025-41701 was published Sep 9, 2025

Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0... High Unreviewed

CVE-2025-59018 was published Sep 9, 2025

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed

CVE-2025-40797 was published Sep 9, 2025

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed

CVE-2025-40798 was published Sep 9, 2025

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the... High Unreviewed

CVE-2025-10120 was published Sep 9, 2025

Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed

CVE-2025-42916 was published Sep 9, 2025

When a user logs in via SAP Business One native client, the SLD backend service fails to enforce... High Unreviewed

CVE-2025-42933 was published Sep 9, 2025

Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed

CVE-2025-42929 was published Sep 9, 2025

An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1.95.3, v1.100.1,... High Unreviewed

CVE-2025-56265 was published Sep 8, 2025

JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a... High Unreviewed

CVE-2025-40930 was published Sep 8, 2025

The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to... High Unreviewed

CVE-2025-8085 was published Sep 8, 2025

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue.... High Unreviewed

CVE-2024-8957 was published Sep 17, 2024

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an... High Unreviewed

CVE-2021-37150 was published Aug 11, 2022

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when... High Unreviewed

CVE-2025-40928 was published Sep 8, 2025

WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and... High Unreviewed

CVE-2025-55849 was published Sep 8, 2025

The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file... High Unreviewed

CVE-2025-9112 was published Sep 8, 2025

An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4... High Unreviewed

CVE-2025-52389 was published Sep 8, 2025

Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build.c, the... High Unreviewed

CVE-2025-52288 was published Sep 8, 2025

Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due... High Unreviewed

CVE-2025-52494 was published Sep 8, 2025

In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject... High Unreviewed

CVE-2025-45805 was published Sep 8, 2025

Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local... High Unreviewed

CVE-2025-56803 was published Sep 8, 2025

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed

CVE-2025-49214 was published Jun 17, 2025

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed

CVE-2025-49215 was published Jun 17, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

103,058 advisories