GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,471; Erlang 33; GitHub Actions 24; Go 2,180; Maven 5,000+; npm 3,836; NuGet 696; pip 3,555; Pub 12; RubyGems 910; Rust 908; Swift 38
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97,360 advisories
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute...
High, Unreviewed. CVE-2025-29807 was published Mar 21, 2025

EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote...
High, Unreviewed. CVE-2025-2585 was published Mar 21, 2025

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200...
High, Unreviewed. CVE-2025-26336 was published Mar 21, 2025

In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could...
High, Unreviewed. CVE-2025-30334 was published Mar 20, 2025

Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user...
High, Unreviewed. CVE-2025-2480 was published Mar 20, 2025

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including...
High, Unreviewed. CVE-2025-1796 was published Mar 20, 2025

The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
High, Unreviewed. CVE-2025-2539 was published Mar 20, 2025

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object...
High, Unreviewed. CVE-2024-13558 was published Mar 20, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object...
High, Unreviewed. CVE-2024-13921 was published Mar 20, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side...
High, Unreviewed. CVE-2024-13923 was published Mar 20, 2025

A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a...
High, Unreviewed. CVE-2025-0185 was published Mar 20, 2025

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large...
High, Unreviewed. CVE-2025-0190 was published Mar 20, 2025

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app...
High, Unreviewed. CVE-2025-0187 was published Mar 20, 2025

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service...
High, Unreviewed. CVE-2025-0189 was published Mar 20, 2025

A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory...
High, Unreviewed. CVE-2025-0182 was published Mar 20, 2025

A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and...
High, Unreviewed. CVE-2025-0281 was published Mar 20, 2025

A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart...
High, Unreviewed. CVE-2025-1451 was published Mar 20, 2025

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model...
High, Unreviewed. CVE-2025-0313 was published Mar 20, 2025

A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF...
High, Unreviewed. CVE-2025-0315 was published Mar 20, 2025

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a...
High, Unreviewed. CVE-2025-0317 was published Mar 20, 2025

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized...
High, Unreviewed. CVE-2025-0312 was published Mar 20, 2025

AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that...
High, Unreviewed. CVE-2025-1040 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of...
High, Unreviewed. CVE-2025-0454 was published Mar 20, 2025

eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems...
High, Unreviewed. CVE-2025-0452 was published Mar 20, 2025

A Path Traversal vulnerability exists in the `/wipe_database` endpoint of parisneo/lollms version...
High, Unreviewed. CVE-2024-9597 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API