GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,676
Erlang: 34
GitHub Actions: 26
Go: 2,263
Maven: 5,000+
npm: 3,915
NuGet: 705
pip: 3,686
Pub: 12
RubyGems: 916
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,150 advisories
An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file...
Critical | Unreviewed | CVE-2025-0520 was published Apr 29, 2025

SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-40617 was published Apr 29, 2025

Bookgy does not provide for proper authorisation control in multiple areas of the application....
Critical | Unreviewed | CVE-2025-40619 was published Apr 29, 2025

SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-40618 was published Apr 29, 2025

A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Critical | Unreviewed | CVE-2025-24252 was published Apr 29, 2025

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2025-45947 was published Apr 28, 2025

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change...
Critical | Unreviewed | CVE-2025-45953 was published Apr 28, 2025

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management...
Critical | Unreviewed | CVE-2025-45949 was published Apr 28, 2025

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because...
Critical | Unreviewed | CVE-2025-46661 was published Apr 28, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code...
Critical | Unreviewed | CVE-2015-2079 was published Apr 28, 2025

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols...
Critical | Unreviewed | CVE-2025-3200 was published Apr 28, 2025

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a...
Critical | Unreviewed | CVE-2025-26692 was published Apr 28, 2025

The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF...
Critical | Unreviewed | CVE-2025-2907 was published Apr 26, 2025

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.
Critical | Unreviewed | CVE-2025-32980 was published Apr 25, 2025

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR...
Critical | Unreviewed | CVE-2025-32985 was published Apr 25, 2025

Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket...
Critical | Unreviewed | CVE-2025-25775 was published Apr 25, 2025

The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job...
Critical | Unreviewed | CVE-2025-2470 was published Apr 25, 2025

Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE)...
Critical | Unreviewed | CVE-2025-46616 was published Apr 25, 2025

WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to a command injection attack that could allow an...
Critical | Unreviewed | CVE-2025-46272 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain...
Critical | Unreviewed | CVE-2025-46273 was published Apr 25, 2025

WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create...
Critical | Unreviewed | CVE-2025-46275 was published Apr 25, 2025

UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated...
Critical | Unreviewed | CVE-2025-46271 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,...
Critical | Unreviewed | CVE-2025-46274 was published Apr 25, 2025

Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer...
Critical | Unreviewed | CVE-2025-26382 was published Apr 24, 2025

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization,...
Critical | Unreviewed | CVE-2025-31324 was published Apr 24, 2025
ProTip! Advisories are also available from the GraphQL API