GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,652; Erlang 34; GitHub Actions 26; Go 2,257; Maven 5,000+; npm 3,909; NuGet 704; pip 3,680; Pub 12; RubyGems 915; Rust 943; Swift 38
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98,900 advisories
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS)....
High, Unreviewed. CVE-2025-37088 was published Apr 23, 2025

Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in...
High, Unreviewed. CVE-2025-29621 was published Apr 22, 2025

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to...
High, Unreviewed. CVE-2025-43947 was published Apr 22, 2025

DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a...
High, Unreviewed. CVE-2025-43950 was published Apr 22, 2025

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input...
High, Unreviewed. CVE-2025-43948 was published Apr 22, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c...
High, Unreviewed. CVE-2025-28027 was published Apr 22, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c...
High, Unreviewed. CVE-2025-28029 was published Apr 22, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c...
High, Unreviewed. CVE-2025-28026 was published Apr 22, 2025

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper...
High, Unreviewed. CVE-2025-23250 was published Apr 22, 2025

NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of...
High, Unreviewed. CVE-2025-23249 was published Apr 22, 2025

NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of...
High, Unreviewed. CVE-2025-23251 was published Apr 22, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the...
High, Unreviewed. CVE-2025-28030 was published Apr 22, 2025

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability...
High, Unreviewed. CVE-2025-29339 was published Apr 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-3767 was published Apr 22, 2025

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct...
High, Unreviewed. CVE-2024-33452 was published Apr 22, 2025

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
High, Unreviewed. CVE-2025-23176 was published Apr 22, 2025

In Rollback Rx Professional 12.8.0.0, the driver file shieldm.sys allows local users to cause a...
High, Unreviewed. CVE-2025-29547 was published Apr 22, 2025

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local...
High, Unreviewed. CVE-2025-1951 was published Apr 22, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu...
High, Unreviewed. CVE-2025-28032 was published Apr 22, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu...
High, Unreviewed. CVE-2025-28033 was published Apr 22, 2025

Directory Traversal vulnerability in forkosh Mime Tex before v.1.77 allows an attacker to execute...
High, Unreviewed. CVE-2024-40445 was published Apr 22, 2025

NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url...
High, Unreviewed. CVE-2024-46546 was published Apr 22, 2025

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2...
High, Unreviewed. CVE-2025-2092 was published Apr 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar allows...
High, Unreviewed. CVE-2025-46241 was published Apr 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-46242 was published Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API