GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,687
Composer 5,022
Erlang 39
GitHub Actions 38
Go 2,656
Maven 6,114
npm 4,284
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,593

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,993 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

When the service of ABP and AES is installed in a directory writable by non-administrative users,... Critical Unreviewed

CVE-2025-13051 was published Nov 19, 2025

A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation... Critical Unreviewed

CVE-2025-9312 was published Nov 18, 2025

The commissioning wizard on the affected devices does not validate if the device is already... Critical Unreviewed

CVE-2025-41733 was published Nov 18, 2025

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the... Critical Unreviewed

CVE-2025-41734 was published Nov 18, 2025

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows... Critical Unreviewed

CVE-2025-41346 was published Nov 18, 2025

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with... Critical Unreviewed

CVE-2025-40547 was published Nov 18, 2025

A missing validation process exists in Serv U when abused, could give a malicious actor with... Critical Unreviewed

CVE-2025-40548 was published Nov 18, 2025

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious... Critical Unreviewed

CVE-2025-40549 was published Nov 18, 2025

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in... Critical Unreviewed

CVE-2024-44659 was published Nov 17, 2025

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default... Critical Unreviewed

CVE-2025-63747 was published Nov 17, 2025

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-13284 was published Nov 17, 2025

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the... Critical Unreviewed

CVE-2025-9501 was published Nov 17, 2025

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no... Critical Unreviewed

CVE-2025-10460 was published Nov 17, 2025

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd... Critical Unreviewed

CVE-2021-4470 was published Nov 15, 2025

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded... Critical Unreviewed

CVE-2025-58083 was published Nov 15, 2025

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code... Critical Unreviewed

CVE-2024-28988 was published Nov 15, 2025

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54339 was published Nov 14, 2025

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54343 was published Nov 14, 2025

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0... Critical Unreviewed

CVE-2025-64446 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow... Critical Unreviewed

CVE-2025-36251 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments... Critical Unreviewed

CVE-2025-36096 was published Nov 14, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service ... Critical Unreviewed

CVE-2025-36250 was published Nov 14, 2025

An authentication bypass vulnerability has been identified in certain DSL series routers, may... Critical Unreviewed

CVE-2025-59367 was published Nov 13, 2025

FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602... Critical Unreviewed

CVE-2021-4464 was published Nov 13, 2025

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control... Critical Unreviewed

CVE-2025-46608 was published Nov 12, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,993 advisories