Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
41
Go
3,099
Maven
5,000+
npm
4,985
NuGet
826
pip
4,425
Pub
12
RubyGems
988
Rust
1,170
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292,351 advisories

Loading
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-26051 was published Mar 6, 2026
Navtor NavBox exposes sensitive configuration and operational data due to missing authentication... High Unreviewed
CVE-2026-2754 was published Mar 6, 2026
Navtor NavBox allows information disclosure via the /api/ais-data endpoint. A remote,... Moderate Unreviewed
CVE-2026-2752 was published Mar 6, 2026
An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP... High Unreviewed
CVE-2026-2753 was published Mar 6, 2026
OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated... Moderate Unreviewed
CVE-2018-25200 was published Mar 6, 2026
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to... High Unreviewed
CVE-2018-25199 was published Mar 6, 2026
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access... High Unreviewed
CVE-2018-25187 was published Mar 6, 2026
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25181 was published Mar 6, 2026
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25179 was published Mar 6, 2026
DoceboLMS 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25170 was published Mar 6, 2026
Alienor Web Libre 2.0 contains an SQL injection vulnerability that allows unauthenticated... High Unreviewed
CVE-2018-25175 was published Mar 6, 2026
Data Center Audit 2.6.2 contains a cross-site request forgery vulnerability that allows attackers... Moderate Unreviewed
CVE-2018-25177 was published Mar 6, 2026
Rmedia SMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25173 was published Mar 6, 2026
ServerZilla 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25196 was published Mar 6, 2026
PlayJoom 0.10.1 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25197 was published Mar 6, 2026
Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated... Moderate Unreviewed
CVE-2018-25190 was published Mar 6, 2026
Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows... High Unreviewed
CVE-2018-25182 was published Mar 6, 2026
eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash... Moderate Unreviewed
CVE-2018-25198 was published Mar 6, 2026
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed
CVE-2018-25186 was published Mar 6, 2026
Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows... Moderate Unreviewed
CVE-2018-25168 was published Mar 6, 2026
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unauthenticated... High Unreviewed
CVE-2018-25188 was published Mar 6, 2026
Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of... High Unreviewed
CVE-2018-25189 was published Mar 6, 2026
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute... High Unreviewed
CVE-2018-25171 was published Mar 6, 2026
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc... High Unreviewed
CVE-2018-25167 was published Mar 6, 2026
Pedidos 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25172 was published Mar 6, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database