GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,687
Composer 5,022
Erlang 39
GitHub Actions 38
Go 2,656
Maven 6,114
npm 4,284
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,593

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,993 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

When the service of ABP and AES is installed in a directory writable by non-administrative users,... Critical Unreviewed

CVE-2025-13051 was published Nov 19, 2025

Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the... Critical Unreviewed

CVE-2021-25779 was published May 24, 2022

A command inject vulnerability allows an attacker to perform command injection on Windows... Critical Unreviewed

CVE-2024-3566 was published Apr 10, 2024

A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation... Critical Unreviewed

CVE-2025-9312 was published Nov 18, 2025

The commissioning wizard on the affected devices does not validate if the device is already... Critical Unreviewed

CVE-2025-41733 was published Nov 18, 2025

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the... Critical Unreviewed

CVE-2025-41734 was published Nov 18, 2025

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows... Critical Unreviewed

CVE-2025-41346 was published Nov 18, 2025

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious... Critical Unreviewed

CVE-2025-40549 was published Nov 18, 2025

A missing validation process exists in Serv U when abused, could give a malicious actor with... Critical Unreviewed

CVE-2025-40548 was published Nov 18, 2025

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with... Critical Unreviewed

CVE-2025-40547 was published Nov 18, 2025

A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap... Critical Unreviewed

CVE-2025-32911 was published Apr 15, 2025

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates... Critical Unreviewed

CVE-2025-48581 was published Sep 4, 2025

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7... Critical Unreviewed

CVE-2025-34044 was published Jun 26, 2025

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version... Critical Unreviewed

CVE-2025-34049 was published Jun 26, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed

CVE-2025-34037 was published Jun 26, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi... Critical Unreviewed

CVE-2025-34054 was published Jul 1, 2025

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of... Critical Unreviewed

CVE-2025-34039 was published Jun 26, 2025

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware... Critical Unreviewed

CVE-2025-34042 was published Jun 26, 2025

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed

CVE-2018-4878 was published May 13, 2022

An unauthenticated file upload vulnerability exists in the Fanwei E-Office <= v9.4 web management... Critical Unreviewed

CVE-2025-34046 was published Jun 26, 2025

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via... Critical Unreviewed

CVE-2016-4117 was published May 14, 2022

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to... Critical Unreviewed

CVE-2016-4171 was published May 13, 2022

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow... Critical Unreviewed

CVE-2018-5002 was published May 13, 2022

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in... Critical Unreviewed

CVE-2024-44659 was published Nov 17, 2025

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default... Critical Unreviewed

CVE-2025-63747 was published Nov 17, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,993 advisories