GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,318
Maven: 5,000+
npm: 3,950
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
257,707 advisories
A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714...
Moderate | Unreviewed | CVE-2025-5502 was published Jun 3, 2025

Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter...
Unknown | Unreviewed | CVE-2025-43924 was published Jun 3, 2025

IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform...
Moderate | Unreviewed | CVE-2024-45655 was published Jun 3, 2025

An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1...
Moderate | Unreviewed | CVE-2025-45855 was published Jun 3, 2025

An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded...
Moderate | Unreviewed | CVE-2025-43925 was published Jun 3, 2025

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ...
Critical | Unreviewed | CVE-2024-12718 was published Jun 3, 2025

Allows the extraction filter to be ignored, allowing symlink targets to point outside the...
High | Unreviewed | CVE-2025-4138 was published Jun 3, 2025

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that...
High | Unreviewed | CVE-2025-4435 was published Jun 3, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter...
Critical | Unreviewed | CVE-2025-4517 was published Jun 3, 2025

Allows the extraction filter to be ignored, allowing symlink targets to point outside the...
High | Unreviewed | CVE-2025-4330 was published Jun 3, 2025

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High | Unreviewed | CVE-2024-54189 was published Jun 3, 2025

The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-4205 was published Jun 3, 2025

The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is...
High | Unreviewed | CVE-2025-4392 was published Jun 3, 2025

The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-4671 was published Jun 3, 2025

The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2025-5340 was published Jun 3, 2025

A vulnerability was found in Baison Channel Middleware Product 2.0.1 and classified as critical....
Moderate | Unreviewed | CVE-2025-5493 was published Jun 3, 2025

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical....
Moderate | Unreviewed | CVE-2025-5492 was published Jun 3, 2025

A directory traversal vulnerability exists in the PVMP package unpacking functionality of...
High | Unreviewed | CVE-2025-31359 was published Jun 3, 2025

A privilege escalation vulnerability exists in the virtual machine archive restoration...
High | Unreviewed | CVE-2024-36486 was published Jun 3, 2025

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High | Unreviewed | CVE-2024-52561 was published Jun 3, 2025

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin...
Moderate | Unreviewed | CVE-2025-1725 was published Jun 3, 2025

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2025-4420 was published Jun 3, 2025

The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to boolean-based SQL...
Moderate | Unreviewed | CVE-2025-5103 was published Jun 3, 2025

The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-5116 was published Jun 3, 2025

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in...
Moderate | Unreviewed | CVE-2025-41428 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API.