GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,766
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,489
Maven 5,913
npm 4,106
NuGet 735
pip 3,928
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,573

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,362 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed

CVE-2025-53609 was published Sep 9, 2025

A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Impacted is an unknown... Moderate Unreviewed

CVE-2025-10107 was published Sep 9, 2025

A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and... Moderate Unreviewed

CVE-2025-43776 was published Sep 9, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed

CVE-2024-45325 was published Sep 9, 2025

A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by... Moderate Unreviewed

CVE-2025-47416 was published Sep 9, 2025

A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this... Moderate Unreviewed

CVE-2025-9665 was published Aug 29, 2025

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue... Moderate Unreviewed

CVE-2025-9610 was published Aug 29, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the Arcserve... Moderate Unreviewed

CVE-2025-34521 was published Aug 28, 2025

SolidInvoice 2.3.7 and v.2.3.8 is vulnerable to Cross Site Scripting (XSS) in the client's... Moderate Unreviewed

CVE-2025-55580 was published Aug 29, 2025

SolidInvoice 2.3.7 and fixed in v.2.3.8 is vulnerable to Cross Site Scripting (XSS) in the Tax... Moderate Unreviewed

CVE-2025-55579 was published Aug 29, 2025

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents... Moderate Unreviewed

CVE-2024-55955 was published Dec 31, 2024

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle... Moderate Unreviewed

CVE-2025-10095 was published Sep 9, 2025

Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that... Moderate Unreviewed

CVE-2025-1688 was published Apr 15, 2025

A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS... Moderate Unreviewed

CVE-2025-40594 was published Sep 9, 2025

A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... Moderate Unreviewed

CVE-2025-40757 was published Sep 9, 2025

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... Moderate Unreviewed

CVE-2025-9542 was published Sep 9, 2025

Missing authorization checks in the Backend Routing of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10... Moderate Unreviewed

CVE-2025-59017 was published Sep 9, 2025

An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11.0.0–11.5.47, 12.0.0–12.4... Moderate Unreviewed

CVE-2025-59014 was published Sep 9, 2025

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions... Moderate Unreviewed

CVE-2025-59015 was published Sep 9, 2025

Missing authorization checks in the CSV download feature of TYPO3 CMS versions 11.0.0‑11.5.47, 12... Moderate Unreviewed

CVE-2025-59019 was published Sep 9, 2025

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10... Moderate Unreviewed

CVE-2025-59013 was published Sep 9, 2025

Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS... Moderate Unreviewed

CVE-2025-59016 was published Sep 9, 2025

The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed

CVE-2025-9058 was published Sep 9, 2025

The Wilmer Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed

CVE-2025-9061 was published Sep 9, 2025

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2025-9489 was published Sep 9, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126,362 advisories