GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,688
Erlang: 34
GitHub Actions: 26
Go: 2,274
Maven: 5,000+
npm: 3,930
NuGet: 706
pip: 3,696
Pub: 12
RubyGems: 919
Rust: 955
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
99,277 advisories
A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be...
High, Unreviewed. CVE-2025-1533 was published May 12, 2025.

An unauthenticated remote attacker can cause a buffer overflow which could lead to unexpected...
High, Unreviewed. CVE-2025-3496 was published May 12, 2025.

The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with...
High, Unreviewed. CVE-2025-4561 was published May 12, 2025.

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before...
High, Unreviewed. CVE-2024-12638 was published Jan 30, 2025.

The Bulk Me Now! WordPress plugin through 2.0 does not validate and escape some of its shortcode...
High, Unreviewed. CVE-2024-12708 was published Jan 30, 2025.

The Competition Form WordPress plugin through 2.0 does not sanitise and escape a parameter before...
High, Unreviewed. CVE-2024-12749 was published Jan 29, 2025.

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other...
High, Unreviewed. CVE-2025-3462 was published May 9, 2025.

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This...
High, Unreviewed. CVE-2025-4544 was published May 11, 2025.

A vulnerability was found in MTSoftware C-Lodop 6.6.1.1. It has been rated as critical. This...
High, Unreviewed. CVE-2025-4540 was published May 11, 2025.

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This...
High, Unreviewed. CVE-2025-4539 was published May 11, 2025.

A vulnerability classified as critical has been found in Shanghai Bairui Information Technology...
High, Unreviewed. CVE-2025-4532 was published May 11, 2025.

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role...
High, Unreviewed. CVE-2025-47817 was published May 11, 2025.

A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows....
High, Unreviewed. CVE-2025-4525 was published May 11, 2025.

A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class...
High, Unreviewed. CVE-2025-1752 was published May 10, 2025.

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege...
High, Unreviewed. CVE-2025-3876 was published May 10, 2025.

The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for...
High, Unreviewed. CVE-2025-2158 was published May 10, 2025.

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1...
High, Unreviewed. CVE-2025-4496 was published May 10, 2025.

A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0...
High, Unreviewed. CVE-2025-3224 was published Apr 28, 2025.

IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated...
High, Unreviewed. CVE-2025-1137 was published May 10, 2025.

A vulnerability within the Software Updater functionality of Avira Security for Windows allowed...
High, Unreviewed. CVE-2022-3368 was published Oct 18, 2022.

Retool (self-hosted) before 3.196.0 allows Host header injection. When the BASE_DOMAIN...
High, Unreviewed. CVE-2025-47424 was published May 10, 2025.

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the...
High, Unreviewed. CVE-2025-21460 was published May 6, 2025.

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
High, Unreviewed. CVE-2025-21469 was published May 6, 2025.

Transient DOS while parsing per STA profile in ML IE.
High, Unreviewed. CVE-2025-21459 was published May 6, 2025.

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result...
High, Unreviewed. CVE-2021-28831 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.