GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,030
Composer 4,876
Erlang 37
GitHub Actions 37
Go 2,526
Maven 5,976
npm 4,189
NuGet 742
pip 3,968
Pub 12
RubyGems 947
Rust 1,030
Swift 39

Unreviewed advisories

All unreviewed 271,398

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,560 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code... Critical Unreviewed

CVE-2025-58384 was published Sep 26, 2025

In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can... Critical Unreviewed

CVE-2025-55187 was published Sep 26, 2025

Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a... Critical Unreviewed

CVE-2025-60156 was published Sep 26, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer... Critical Unreviewed

CVE-2025-60219 was published Sep 26, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-11005 was published Sep 25, 2025

This vulnerability allows attackers to execute arbitrary commands on the underlying system.... Critical Unreviewed

CVE-2025-59817 was published Sep 25, 2025

This vulnerability allows malicious actors to execute arbitrary commands on the underlying system... Critical Unreviewed

CVE-2025-59815 was published Sep 25, 2025

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and... Critical Unreviewed

CVE-2025-59814 was published Sep 25, 2025

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2025-20363 was published Sep 25, 2025

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2025-20333 was published Sep 25, 2025

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within... Critical Unreviewed

CVE-2025-10542 was published Sep 25, 2025

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11... Critical Unreviewed

CVE-2025-54943 was published Sep 25, 2025

An external control of file name or path vulnerability in SUNNET Corporate Training Management... Critical Unreviewed

CVE-2025-54945 was published Sep 25, 2025

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows... Critical Unreviewed

CVE-2025-54946 was published Sep 25, 2025

A missing authentication for critical function vulnerability in SUNNET Corporate Training... Critical Unreviewed

CVE-2025-54942 was published Sep 25, 2025

A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within... Critical Unreviewed

CVE-2025-57347 was published Sep 24, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-52906 was published Sep 24, 2025

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT... Critical Unreviewed

CVE-2025-56819 was published Sep 24, 2025

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote... Critical Unreviewed

CVE-2025-10890 was published Sep 24, 2025

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of... Critical Unreviewed

CVE-2025-21483 was published Sep 24, 2025

Memory corruption while selecting the PLMN from SOR failed list. Critical Unreviewed

CVE-2025-27034 was published Sep 24, 2025

The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is... Critical Unreviewed

CVE-2025-9054 was published Sep 24, 2025

The database for the web application is exposed without authentication, allowing an... Critical Unreviewed

CVE-2025-41715 was published Sep 24, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information... Critical Unreviewed

CVE-2025-9846 was published Sep 23, 2025

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for... Critical Unreviewed

CVE-2025-10412 was published Sep 23, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,560 advisories