GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,275
Composer 4,908
Erlang 39
GitHub Actions 38
Go 2,568
Maven 6,036
npm 4,240
NuGet 754
pip 4,004
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,790

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,433 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2025-2771 was published Apr 23, 2025

A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations... Moderate Unreviewed

CVE-2025-29526 was published Apr 23, 2025

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution... Moderate Unreviewed

CVE-2025-2763 was published Apr 23, 2025

BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed

CVE-2025-2770 was published Apr 23, 2025

TOTOLINK A800R V4.1.2cu.5032_B20200408 is vulnerable to Command Injection in downloadFile.cgi via... Moderate Unreviewed

CVE-2025-28017 was published Apr 23, 2025

A directory traversal vulnerability exists in Ivanti LANDesk Management Gateway through 4.2-1.9.... Moderate Unreviewed

CVE-2025-43716 was published Apr 23, 2025

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-1054 was published Apr 23, 2025

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API... Moderate Unreviewed

CVE-2025-42604 was published Apr 23, 2025

A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive... Moderate Unreviewed

CVE-2024-10306 was published Apr 23, 2025

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor... Moderate Unreviewed

CVE-2025-2703 was published Apr 23, 2025

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and... Moderate Unreviewed

CVE-2025-2595 was published Apr 23, 2025

A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR... Moderate Unreviewed

CVE-2025-0618 was published Apr 23, 2025

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed

CVE-2025-0926 was published Apr 23, 2025

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a... Moderate Unreviewed

CVE-2025-1056 was published Apr 23, 2025

A vulnerability in the kernel of the Cray Operating System (COS) could allow an attacker to... Moderate Unreviewed

CVE-2025-27087 was published Apr 23, 2025

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. Moderate Unreviewed

CVE-2025-29743 was published Apr 22, 2025

A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg... Moderate Unreviewed

CVE-2024-53569 was published Apr 22, 2025

SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data... Moderate Unreviewed

CVE-2025-31327 was published Apr 22, 2025

SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to... Moderate Unreviewed

CVE-2025-31328 was published Apr 22, 2025

A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal... Moderate Unreviewed

CVE-2024-53568 was published Apr 22, 2025

A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net... Moderate Unreviewed

CVE-2025-43952 was published Apr 22, 2025

A cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5 allows attackers to execute... Moderate Unreviewed

CVE-2023-43378 was published Apr 22, 2025

A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows... Moderate Unreviewed

CVE-2023-44753 was published Apr 22, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the... Moderate Unreviewed

CVE-2025-28031 was published Apr 22, 2025

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2025-27907 was published Apr 22, 2025

Previous 1…399400 Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

129,433 advisories