GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,744
Composer 4,746
Erlang 35
GitHub Actions 29
Go 2,319
Maven 5,603
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 920
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,832

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,495 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by... Critical Unreviewed

CVE-2025-5622 was published Jun 5, 2025

A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This... Critical Unreviewed

CVE-2025-5623 was published Jun 5, 2025

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads... Critical Unreviewed

CVE-2025-23097 was published Jun 3, 2025

The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a... Critical Unreviewed

CVE-2025-4578 was published Jun 4, 2025

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu... Critical Unreviewed

CVE-2025-5600 was published Jun 4, 2025

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure ... Critical Unreviewed

CVE-2025-20286 was published Jun 4, 2025

A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed

CVE-2025-20188 was published May 7, 2025

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function... Critical Unreviewed

CVE-2025-49223 was published Jun 4, 2025

An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed

CVE-2025-45854 was published Jun 3, 2025

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer... Critical Unreviewed

CVE-2024-38541 was published Jun 19, 2024

Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve... Critical Unreviewed

CVE-2025-5598 was published Jun 4, 2025

Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed

CVE-2025-5597 was published Jun 4, 2025

This vulnerability allows the successful attacker to gain unauthorized access to a configuration... Critical Unreviewed

CVE-2024-13967 was published Jun 4, 2025

A session management vulnerability exists in Apache Roller before version 6.1.5 where active user... Critical Unreviewed

CVE-2025-24859 was published Apr 14, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter... Critical Unreviewed

CVE-2025-4517 was published Jun 3, 2025

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary... Critical Unreviewed

CVE-2024-23741 was published Jan 28, 2024

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ... Critical Unreviewed

CVE-2024-12718 was published Jun 3, 2025

Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2023-51812 was published Jan 4, 2024

The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed

CVE-2021-42949 was published Sep 17, 2022

The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation... Critical Unreviewed

CVE-2022-39008 was published Sep 17, 2022

Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to... Critical Unreviewed

CVE-2025-44148 was published Jun 3, 2025

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result... Critical Unreviewed

CVE-2025-32106 was published Jun 3, 2025

A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an... Critical Unreviewed

CVE-2025-32105 was published Jun 3, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Critical Unreviewed

CVE-2025-25022 was published Jun 3, 2025

The location module has a vulnerability of bypassing permission verification.Successful... Critical Unreviewed

CVE-2022-39007 was published Sep 17, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,495 advisories