GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98,904 advisories
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High, Unreviewed. CVE-2025-39397 was published Apr 24, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High, Unreviewed. CVE-2025-32921 was published Apr 24, 2025

Due to missing authorization an unauthenticated remote attacker can cause a DoS attack by...
High, Unreviewed. CVE-2021-47662 was published Apr 24, 2025

Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a...
High, Unreviewed. CVE-2021-47663 was published Apr 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-3872 was published Apr 24, 2025

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users'...
High, Unreviewed. CVE-2025-1908 was published Apr 24, 2025

The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all...
High, Unreviewed. CVE-2025-3101 was published Apr 24, 2025

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that...
High, Unreviewed. CVE-2025-3058 was published Apr 24, 2025

The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory...
High, Unreviewed. CVE-2025-3300 was published Apr 24, 2025

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege...
High, Unreviewed. CVE-2025-3607 was published Apr 24, 2025

The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code...
High, Unreviewed. CVE-2025-3776 was published Apr 24, 2025

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege...
High, Unreviewed. CVE-2025-3761 was published Apr 24, 2025

The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to...
High, Unreviewed. CVE-2025-2558 was published Apr 24, 2025

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user...
High, Unreviewed. CVE-2025-1976 was published Apr 24, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates...
High, Unreviewed. CVE-2025-27580 was published Apr 24, 2025

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a...
High, Unreviewed. CVE-2025-32818 was published Apr 23, 2025

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local...
High, Unreviewed. CVE-2025-46400 was published Apr 23, 2025

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local...
High, Unreviewed. CVE-2025-46399 was published Apr 23, 2025

Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local...
High, Unreviewed. CVE-2025-46397 was published Apr 23, 2025

Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local...
High, Unreviewed. CVE-2025-46398 was published Apr 23, 2025

BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to...
High, Unreviewed. CVE-2025-28169 was published Apr 23, 2025

BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability....
High, Unreviewed. CVE-2025-2773 was published Apr 23, 2025

Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*.
High, Unreviewed. CVE-2025-3904 was published Apr 23, 2025

Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*.
High, Unreviewed. CVE-2025-3903 was published Apr 23, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in...
High, Unreviewed. CVE-2025-28022 was published Apr 23, 2025
ProTip! Advisories are also available from the GraphQL API.