GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,687
Composer 5,022
Erlang 39
GitHub Actions 38
Go 2,656
Maven 6,114
npm 4,284
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,616

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

105,775 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0... High Unreviewed

CVE-2024-8527 was published Nov 19, 2025

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race... High Unreviewed

CVE-2025-12472 was published Nov 19, 2025

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of... High Unreviewed

CVE-2025-11230 was published Nov 19, 2025

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to,... High Unreviewed

CVE-2025-13035 was published Nov 19, 2025

Out-of-bounds Read in Shelly Pro 3EM (before v1.4.4) allows Overread Buffers. High Unreviewed

CVE-2025-12056 was published Nov 19, 2025

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-13206 was published Nov 19, 2025

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper... High Unreviewed

CVE-2025-11446 was published Nov 19, 2025

Allocation of Resources Without Limits or Throttling vulnerability in Shelly Pro 4PM (before v1.6... High Unreviewed

CVE-2025-11243 was published Nov 19, 2025

The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and... High Unreviewed

CVE-2025-12484 was published Nov 19, 2025

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to PHP... High Unreviewed

CVE-2025-13145 was published Nov 19, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'dayofyear'... High Unreviewed

CVE-2025-12646 was published Nov 19, 2025

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a... High Unreviewed

CVE-2025-12852 was published Nov 19, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of... High Unreviewed

CVE-2025-63955 was published Nov 18, 2025

A vulnerability in the web-based management interface of affected products could allow an... High Unreviewed

CVE-2025-37161 was published Nov 18, 2025

A command injection vulnerability has been identified in the command line interface of the HPE... High Unreviewed

CVE-2025-37163 was published Nov 18, 2025

A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed

CVE-2025-37155 was published Nov 18, 2025

Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string(... High Unreviewed

CVE-2025-64076 was published Nov 18, 2025

An improper neutralization of special elements used in an SQL Command ("SQL Injection")... High Unreviewed

CVE-2025-58692 was published Nov 18, 2025

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4... High Unreviewed

CVE-2025-58413 was published Nov 18, 2025

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2025-58034 was published Nov 18, 2025

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage. High Unreviewed

CVE-2025-56527 was published Nov 18, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an... High Unreviewed

CVE-2025-33183 was published Nov 18, 2025

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing... High Unreviewed

CVE-2025-34324 was published Nov 18, 2025

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] in Fortinet... High Unreviewed

CVE-2025-47761 was published Nov 18, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an... High Unreviewed

CVE-2025-33184 was published Nov 18, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

105,775 advisories