GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,350
Composer 4,652
Erlang 34
GitHub Actions 26
Go 2,257
Maven 5,512
npm 3,909
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,217

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,127 advisories

Filter by severity

Sort by

Least recently updated

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu... Critical Unreviewed

CVE-2025-28034 was published Apr 22, 2025

An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-40446 was published Apr 22, 2025

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local... Critical Unreviewed

CVE-2025-1950 was published Apr 22, 2025

The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. Critical Unreviewed

CVE-2024-58250 was published Apr 22, 2025

Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function... Critical Unreviewed

CVE-2025-29659 was published Apr 21, 2025

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed

CVE-2025-29660 was published Apr 21, 2025

Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed

CVE-2025-28230 was published Apr 21, 2025

Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows... Critical Unreviewed

CVE-2025-28232 was published Apr 21, 2025

TOTOLINK X18 v9.1.0cu.2024_B20220329 has an unauthorized arbitrary command execution in the... Critical Unreviewed

CVE-2025-29209 was published Apr 21, 2025

Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows... Critical Unreviewed

CVE-2025-28229 was published Apr 21, 2025

Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed

CVE-2025-0632 was published Apr 21, 2025

The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2021-4455 was published Apr 19, 2025

The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed

CVE-2025-1093 was published Apr 19, 2025

The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed

CVE-2025-3278 was published Apr 19, 2025

An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a... Critical Unreviewed

CVE-2024-53591 was published Apr 18, 2025

An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade... Critical Unreviewed

CVE-2025-29058 was published Apr 18, 2025

Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to... Critical Unreviewed

CVE-2025-28231 was published Apr 18, 2025

Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code... Critical Unreviewed

CVE-2025-28236 was published Apr 18, 2025

Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000,... Critical Unreviewed

CVE-2025-28233 was published Apr 18, 2025

Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10... Critical Unreviewed

CVE-2025-28238 was published Apr 18, 2025

Improper session management in the /login_ok.htm endpoint of DAEnetIP4 METO v1.25 allows... Critical Unreviewed

CVE-2025-28242 was published Apr 18, 2025

An improper authentication control vulnerability exists in AiCloud. This vulnerability can be... Critical Unreviewed

CVE-2025-2492 was published Apr 18, 2025

Insecure default settings have been found in recorder products provided by Yokogawa Electric... Critical Unreviewed

CVE-2025-1863 was published Apr 18, 2025

Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow... Critical Unreviewed

CVE-2025-42599 was published Apr 18, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-39471 was published Apr 18, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,127 advisories