Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

99,992 advisories

Loading
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3055 was published Jun 5, 2025
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2025-3054 was published Jun 5, 2025
A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47.... High Unreviewed
CVE-2025-5629 was published Jun 5, 2025
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This... High Unreviewed
CVE-2025-5619 was published Jun 5, 2025
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the... High Unreviewed
CVE-2025-5608 was published Jun 4, 2025
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue... High Unreviewed
CVE-2025-5607 was published Jun 4, 2025
A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this... High Unreviewed
CVE-2025-5609 was published Jun 4, 2025
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper... High Unreviewed
CVE-2025-22243 was published Jun 4, 2025
A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC)... High Unreviewed
CVE-2025-20261 was published Jun 4, 2025
A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could... High Unreviewed
CVE-2025-20163 was published Jun 4, 2025
File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker... High Unreviewed
CVE-2025-29093 was published Jun 4, 2025
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could... High Unreviewed
CVE-2025-1701 was published Jun 4, 2025
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2025-48961 was published Jun 4, 2025
A local privilege escalation in the razer_elevation_service.exe in Razer Synapse 4 through 4.0.86... High Unreviewed
CVE-2025-27811 was published Jun 4, 2025
Denial of service due to improper handling of malformed input. The following products are... High Unreviewed
CVE-2025-30415 was published Jun 4, 2025
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131... High Unreviewed
CVE-2018-25112 was published Jun 4, 2025
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service... High Unreviewed
CVE-2025-5601 was published Jun 4, 2025
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a... High Unreviewed
CVE-2025-47727 was published Jun 4, 2025
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a... High Unreviewed
CVE-2025-47726 was published Jun 4, 2025
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a... High Unreviewed
CVE-2025-47728 was published Jun 4, 2025
The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is... High Unreviewed
CVE-2025-5482 was published Jun 4, 2025
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a... High Unreviewed
CVE-2025-47725 was published Jun 4, 2025
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a... High Unreviewed
CVE-2025-47724 was published Jun 4, 2025
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected... High Unreviewed
CVE-2025-5572 was published Jun 4, 2025
An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may... High Unreviewed
CVE-2024-31127 was published Jun 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database