GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,675

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,164 advisories

Filter by severity

Sort by

Least recently updated

The Adifier System plugin for WordPress is vulnerable to privilege escalation via account... Critical Unreviewed

CVE-2024-13375 was published Jan 18, 2025

A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A... Critical Unreviewed

CVE-2023-50738 was published Jan 17, 2025

Even if the authentication fails for local service authentication, the requested command could... Critical Unreviewed

CVE-2022-46732 was published Jan 18, 2023

In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access... Critical Unreviewed

CVE-2017-13322 was published Jan 18, 2025

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11639 was published Dec 10, 2024

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution... Critical Unreviewed

CVE-2023-41913 was published Dec 7, 2023

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter... Critical Unreviewed

CVE-2024-57581 was published Jan 16, 2025

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter... Critical Unreviewed

CVE-2024-57579 was published Jan 16, 2025

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed

CVE-2024-48126 was published Jan 15, 2025

RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the... Critical Unreviewed

CVE-2025-22904 was published Jan 16, 2025

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in... Critical Unreviewed

CVE-2024-57582 was published Jan 16, 2025

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in... Critical Unreviewed

CVE-2024-57580 was published Jan 16, 2025

JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2024-57768 was published Jan 16, 2025

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model... Critical Unreviewed

CVE-2023-31814 was published May 23, 2023

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec... Critical Unreviewed

CVE-2024-13503 was published Jan 17, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2024-13502 was published Jan 17, 2025

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via... Critical Unreviewed

CVE-2024-1981 was published Feb 29, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web... Critical Unreviewed

CVE-2025-23922 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows... Critical Unreviewed

CVE-2025-23797 was published Jan 16, 2025

An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210... Critical Unreviewed

CVE-2024-57684 was published Jan 16, 2025

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed

CVE-2024-57018 was published Jan 15, 2025

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed

CVE-2024-57021 was published Jan 15, 2025

An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH... Critical Unreviewed

CVE-2025-22968 was published Jan 15, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification... Critical Unreviewed

CVE-2024-57479 was published Jan 15, 2025

Incorrect Access Control in Cfx.re FXServer v9601 and earlier allows unauthenticated users to... Critical Unreviewed

CVE-2024-46310 was published Jan 13, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,164 advisories