GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,028
Composer 4,876
Erlang 37
GitHub Actions 37
Go 2,526
Maven 5,976
npm 4,188
NuGet 741
pip 3,968
Pub 12
RubyGems 947
Rust 1,030
Swift 39

Unreviewed advisories

All unreviewed 271,290

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,558 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL... Critical Unreviewed

CVE-2024-1839 was published Jun 26, 2024

In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can... Critical Unreviewed

CVE-2025-55187 was published Sep 26, 2025

Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a... Critical Unreviewed

CVE-2025-60156 was published Sep 26, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer... Critical Unreviewed

CVE-2025-60219 was published Sep 26, 2025

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within... Critical Unreviewed

CVE-2025-10542 was published Sep 25, 2025

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and... Critical Unreviewed

CVE-2024-8517 was published Sep 6, 2024

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and... Critical Unreviewed

CVE-2024-7314 was published Aug 2, 2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed

CVE-2024-8956 was published Sep 17, 2024

This vulnerability allows attackers to execute arbitrary commands on the underlying system.... Critical Unreviewed

CVE-2025-59817 was published Sep 25, 2025

This vulnerability allows malicious actors to execute arbitrary commands on the underlying system... Critical Unreviewed

CVE-2025-59815 was published Sep 25, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-11005 was published Sep 25, 2025

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and... Critical Unreviewed

CVE-2025-59814 was published Sep 25, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed

CVE-2024-12847 was published Jan 10, 2025

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2025-20333 was published Sep 25, 2025

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2025-20363 was published Sep 25, 2025

CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used,... Critical Unreviewed

CVE-2025-54309 was published Jul 18, 2025

A vulnerability was identified in Docker Desktop that allows local running Linux containers to... Critical Unreviewed

CVE-2025-9074 was published Aug 20, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file... Critical Unreviewed

CVE-2025-34187 was published Sep 16, 2025

A missing authentication for critical function vulnerability in SUNNET Corporate Training... Critical Unreviewed

CVE-2025-54942 was published Sep 25, 2025

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11... Critical Unreviewed

CVE-2025-54943 was published Sep 25, 2025

An external control of file name or path vulnerability in SUNNET Corporate Training Management... Critical Unreviewed

CVE-2025-54945 was published Sep 25, 2025

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows... Critical Unreviewed

CVE-2025-54946 was published Sep 25, 2025

Partner Software's Partner Software Product and corresponding Partner Web application use the... Critical Unreviewed

CVE-2025-6077 was published Aug 2, 2025

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT... Critical Unreviewed

CVE-2025-56819 was published Sep 24, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and... Critical Unreviewed

CVE-2025-34199 was published Sep 19, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,558 advisories