GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,394
Composer 5,352
Erlang 44
GitHub Actions 45
Go 3,227
Maven 6,312
npm 5,194
NuGet 864
pip 4,502
Pub 12
RubyGems 995
Rust 1,187
Swift 51

Unreviewed advisories

All unreviewed 293,886

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

293,886 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer... High Unreviewed

CVE-2025-13601 was published Nov 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2026-28044 was published Mar 19, 2026

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... High Unreviewed

CVE-2026-1238 was published Mar 19, 2026

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting... Moderate Unreviewed

CVE-2026-28070 was published Mar 19, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-27413 was published Mar 19, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd.... Critical Unreviewed

CVE-2026-27540 was published Mar 19, 2026

Authorization Bypass Through User-Controlled Key vulnerability in Really Simple Plugins B.V.... Moderate Unreviewed

CVE-2026-27397 was published Mar 19, 2026

Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead... Critical Unreviewed

CVE-2026-27542 was published Mar 19, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2026-28073 was published Mar 19, 2026

Deserialization of Untrusted Data vulnerability in BuddhaThemes ColorFolio - Freelance Designer... High Unreviewed

CVE-2026-27096 was published Mar 19, 2026

Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary... High Unreviewed

CVE-2006-1865 was published May 1, 2022

Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP... Moderate Unreviewed

CVE-2005-3803 was published May 1, 2022

IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to... Moderate Unreviewed

CVE-2005-2160 was published May 1, 2022

curl inadvertently kept the SSL session ID for connections in its cache even when the verify... Moderate Unreviewed

CVE-2024-0853 was published Feb 3, 2024

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2... Moderate Unreviewed

CVE-2005-3716 was published May 1, 2022

Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*... Low Unreviewed

CVE-2006-2312 was published May 1, 2022

Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or... High Unreviewed

CVE-2006-3015 was published May 1, 2022

Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted... Moderate Unreviewed

CVE-2006-2056 was published May 1, 2022

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08... Critical Unreviewed

CVE-2023-45572 was published Oct 16, 2023

libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it... Critical Unreviewed

CVE-2024-25189 was published Feb 8, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix.This... Moderate Unreviewed

CVE-2024-25932 was published Feb 29, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2024-1437 was published Feb 29, 2024

In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed

CVE-2024-20002 was published Feb 5, 2024

Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote... Moderate Unreviewed

CVE-2006-2055 was published May 1, 2022

Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext... Low Unreviewed

CVE-2005-2209 was published May 1, 2022

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

293,886 advisories