GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,751
Composer 4,748
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,605
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 258,021

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,512 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-47586 was published Jun 6, 2025

A missing authentication for critical function vulnerability in the client application of Soar... Critical Unreviewed

CVE-2025-5192 was published Jun 6, 2025

An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed

CVE-2025-48782 was published Jun 6, 2025

A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD... Critical Unreviewed

CVE-2025-48780 was published Jun 6, 2025

A missing protection against path traversal allows to access any file on the server. Critical Unreviewed

CVE-2025-3365 was published Jun 6, 2025

A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed

CVE-2025-3321 was published Jun 6, 2025

An improper neutralization of inputs used in expression language allows remote code execution... Critical Unreviewed

CVE-2025-3322 was published Jun 6, 2025

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing... Critical Unreviewed

CVE-2025-5486 was published Jun 6, 2025

Exposure of sensitive information to an unauthorized actor in Power Automate allows an... Critical Unreviewed

CVE-2025-47966 was published Jun 5, 2025

The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that... Critical Unreviewed

CVE-2025-5701 was published Jun 5, 2025

Improper neutralization of input provided by an unauthorized user into changes__reference_id... Critical Unreviewed

CVE-2025-4568 was published Jun 5, 2025

Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection... Critical Unreviewed

CVE-2025-1793 was published Jun 5, 2025

A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This... Critical Unreviewed

CVE-2025-5630 was published Jun 5, 2025

A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This... Critical Unreviewed

CVE-2025-5624 was published Jun 5, 2025

A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by... Critical Unreviewed

CVE-2025-5622 was published Jun 5, 2025

A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This... Critical Unreviewed

CVE-2025-5623 was published Jun 5, 2025

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu... Critical Unreviewed

CVE-2025-5600 was published Jun 4, 2025

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure ... Critical Unreviewed

CVE-2025-20286 was published Jun 4, 2025

Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed

CVE-2025-5597 was published Jun 4, 2025

Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve... Critical Unreviewed

CVE-2025-5598 was published Jun 4, 2025

This vulnerability allows the successful attacker to gain unauthorized access to a configuration... Critical Unreviewed

CVE-2024-13967 was published Jun 4, 2025

The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a... Critical Unreviewed

CVE-2025-4578 was published Jun 4, 2025

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function... Critical Unreviewed

CVE-2025-49223 was published Jun 4, 2025

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads... Critical Unreviewed

CVE-2025-23097 was published Jun 3, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Critical Unreviewed

CVE-2025-25022 was published Jun 3, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,512 advisories