Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
42
Go
3,114
Maven
5,000+
npm
5,000+
NuGet
826
pip
4,428
Pub
12
RubyGems
988
Rust
1,171
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110,716 advisories

Loading
A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file... High Unreviewed
CVE-2026-3703 was published Mar 8, 2026
A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this... High Unreviewed
CVE-2026-3701 was published Mar 8, 2026
A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function... High Unreviewed
CVE-2026-3698 was published Mar 8, 2026
A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the... High Unreviewed
CVE-2026-3699 was published Mar 8, 2026
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function... High Unreviewed
CVE-2026-3700 was published Mar 8, 2026
A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the... High Unreviewed
CVE-2026-3678 was published Mar 8, 2026
A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the... High Unreviewed
CVE-2026-3679 was published Mar 8, 2026
A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the... High Unreviewed
CVE-2026-3677 was published Mar 8, 2026
The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... High Unreviewed
CVE-2025-14675 was published Mar 7, 2026
The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar... High Unreviewed
CVE-2026-1074 was published Mar 7, 2026
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-8899 was published Mar 7, 2026
The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2026-2020 was published Mar 7, 2026
The Easy PHP Settings plugin for WordPress is vulnerable to PHP Code Injection in all versions up... High Unreviewed
CVE-2026-3352 was published Mar 7, 2026
The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all... High Unreviewed
CVE-2025-14353 was published Mar 7, 2026
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing... High Unreviewed
CVE-2026-25071 was published Mar 7, 2026
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable... High Unreviewed
CVE-2026-25072 was published Mar 7, 2026
The WebSocket Application Programming Interface lacks restrictions on the number of... High Unreviewed
CVE-2026-24696 was published Mar 6, 2026
The WebSocket Application Programming Interface lacks restrictions on the number of... High Unreviewed
CVE-2026-20882 was published Mar 6, 2026
An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP... High Unreviewed
CVE-2026-2753 was published Mar 6, 2026
Navtor NavBox exposes sensitive configuration and operational data due to missing authentication... High Unreviewed
CVE-2026-2754 was published Mar 6, 2026
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to... High Unreviewed
CVE-2018-25199 was published Mar 6, 2026
Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated... High Unreviewed
CVE-2018-25166 was published Mar 6, 2026
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc... High Unreviewed
CVE-2018-25167 was published Mar 6, 2026
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the... High Unreviewed
CVE-2018-25169 was published Mar 6, 2026
Pedidos 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2018-25172 was published Mar 6, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database