GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,655
Maven: 5,000+
npm: 4,284
NuGet: 760
pip: 4,067
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
114,303 advisories
An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the...
High | Unreviewed | CVE-2024-40461 was published May 22, 2025

Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and...
High | Unreviewed | CVE-2025-45472 was published May 22, 2025

In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.
High | Unreviewed | CVE-2024-52874 was published May 22, 2025

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and...
High | Unreviewed | CVE-2025-4833 was published May 17, 2025

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and...
High | Unreviewed | CVE-2025-4831 was published May 17, 2025

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and...
High | Unreviewed | CVE-2025-4830 was published May 17, 2025

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0...
High | Unreviewed | CVE-2025-4829 was published May 17, 2025

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been...
High | Unreviewed | CVE-2025-4823 was published May 17, 2025

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0...
High | Unreviewed | CVE-2025-4825 was published May 17, 2025

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and...
High | Unreviewed | CVE-2025-4826 was published May 17, 2025

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and...
High | Unreviewed | CVE-2025-4827 was published May 17, 2025

A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0...
High | Unreviewed | CVE-2025-4824 was published May 17, 2025

An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the...
High | Unreviewed | CVE-2024-40460 was published May 22, 2025

An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate...
High | Unreviewed | CVE-2024-40459 was published May 22, 2025

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks...
High | Unreviewed | CVE-2025-40775 was published May 21, 2025

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High | Unreviewed | CVE-2024-2020 was published Mar 13, 2024

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass...
High | Unreviewed | CVE-2022-31807 was published May 23, 2025

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected...
High | Unreviewed | CVE-2022-31812 was published May 23, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-48292 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-48245 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-48286 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-48273 was published May 23, 2025

Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not...
High | Unreviewed | CVE-2025-47558 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-47575 was published May 23, 2025

Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate allows Object...
High | Unreviewed | CVE-2025-47660 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API.