GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,466
Erlang: 33
GitHub Actions: 22
Go: 2,166
Maven: 5,000+
npm: 3,829
NuGet: 696
pip: 3,507
Pub: 12
RubyGems: 909
Rust: 904
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,639 advisories
The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical | Unreviewed | CVE-2025-1771 was published Mar 15, 2025
A mismatch between allocator and deallocator could have led to memory corruption. This...
Critical | Unreviewed | CVE-2024-6602 was published Jul 9, 2024
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP...
Critical | Unreviewed | CVE-2022-46637 was published Feb 21, 2023
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based...
Critical | Unreviewed | CVE-2023-26253 was published Feb 21, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)...
Critical | Unreviewed | CVE-2023-24080 was published Feb 22, 2023
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length...
Critical | Unreviewed | CVE-2024-45490 was published Aug 30, 2024
In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and...
Critical | Unreviewed | CVE-2018-25099 was published Mar 18, 2024
SQL Injection Vulnerability in tanujpatra228 Tution Management System (TMS) via the email...
Critical | Unreviewed | CVE-2022-45677 was published Feb 21, 2023
A logic vulnerability in the mobile application (com.transsion.applock) can lead to bypassing...
Critical | Unreviewed | CVE-2024-12603 was published Dec 13, 2024
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.
Critical | Unreviewed | CVE-2024-47219 was published Sep 22, 2024
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the page parameter from...
Critical | Unreviewed | CVE-2024-30628 was published Mar 29, 2024
OS command injection vulnerability exists in awkblog v0.0.1 (commit hash...
Critical | Unreviewed | CVE-2024-36360 was published Jun 11, 2024
VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A...
Critical | Unreviewed | CVE-2024-22267 was published May 14, 2024
The device uses a weak hashing algorithm to create the password hash. Hence, a matching password...
Critical | Unreviewed | CVE-2025-27595 was published Mar 14, 2025
The product can be used to distribute malicious code using SDD Device Drivers due to missing...
Critical | Unreviewed | CVE-2025-27593 was published Mar 14, 2025
A Privilege Escalation through a Mass Assignment exists in Camaleon CMS. When a user wishes to...
Critical | Unreviewed | CVE-2025-2304 was published Mar 14, 2025
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is...
Critical | Unreviewed | CVE-2025-2232 was published Mar 14, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable...
Critical | Unreviewed | CVE-2024-13771 was published Mar 14, 2025
The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object...
Critical | Unreviewed | CVE-2024-13824 was published Mar 14, 2025
The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in...
Critical | Unreviewed | CVE-2024-11284 was published Mar 14, 2025
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical | Unreviewed | CVE-2024-11286 was published Mar 14, 2025
The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in...
Critical | Unreviewed | CVE-2024-11285 was published Mar 14, 2025
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache...
Critical | Unreviewed | CVE-2024-4577 was published Jun 9, 2024
Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-46012 was published May 7, 2024
Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary...
Critical | Unreviewed | CVE-2024-22718 was published Apr 11, 2024
ProTip! Advisories are also available from the GraphQL API.