GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,131 advisories
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting...
Critical, Unreviewed, CVE-2025-64081 was published Dec 8, 2025

In multiple locations, there is a possible way to launch an application from the background due...
Critical, Unreviewed, CVE-2025-48626 was published Dec 8, 2025

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer...
Critical, Unreviewed, CVE-2022-37055 was published Aug 29, 2022

Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2...
Critical, Unreviewed, CVE-2025-63362 was published Dec 4, 2025

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP...
Critical, Unreviewed, CVE-2022-50593 was published Nov 6, 2025

A SQL injection vulnerability has been reported to affect several QNAP operating system versions....
Critical, Unreviewed, CVE-2024-50387 was published Dec 6, 2024

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
Critical, Unreviewed, CVE-2025-29268 was published Dec 4, 2025

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to...
Critical, Unreviewed, CVE-2025-64657 was published Nov 26, 2025

Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize...
Critical, Unreviewed, CVE-2025-27019 was published Dec 8, 2025

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to...
Critical, Unreviewed, CVE-2025-27020 was published Dec 8, 2025

Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB,...
Critical, Unreviewed, CVE-2023-7077 was published Feb 5, 2024

Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300...
Critical, Unreviewed, CVE-2021-20699 was published May 24, 2022

The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress...
Critical, Unreviewed, CVE-2025-13377 was published Dec 6, 2025

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical, Unreviewed, CVE-2025-12673 was published Dec 6, 2025

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account...
Critical, Unreviewed, CVE-2025-34291 was published Dec 6, 2025

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an...
Critical, Unreviewed, CVE-2025-53963 was published Dec 4, 2025

The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are...
Critical, Unreviewed, CVE-2025-54303 was published Dec 4, 2025

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are...
Critical, Unreviewed, CVE-2025-54304 was published Dec 4, 2025

An exposure of sensitive information vulnerability has been reported to affect Media Streaming...
Critical, Unreviewed, CVE-2023-47222 was published Apr 26, 2024

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file...
Critical, Unreviewed, CVE-2024-5853 was published Jun 19, 2024

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial...
Critical, Unreviewed, CVE-2025-65868 was published Dec 3, 2025

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local...
Critical, Unreviewed, CVE-2025-64055 was published Dec 3, 2025

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities....
Critical, Unreviewed, CVE-2023-49666 was published Jan 4, 2024

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a hard-coded cryptographic key...
Critical, Unreviewed, CVE-2025-34256 was published Dec 5, 2025

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution...
Critical, Unreviewed, CVE-2020-36877 was published Dec 5, 2025
ProTip! Advisories are also available from the GraphQL API.