Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

98,904 advisories

Loading
OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a thread may access... High Unreviewed
CVE-2025-46613 was published Apr 25, 2025
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate... High Unreviewed
CVE-2025-0395 was published Jan 22, 2025
ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is... High Unreviewed
CVE-2025-2185 was published Apr 25, 2025
Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to... High Unreviewed
CVE-2025-3606 was published Apr 25, 2025
The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-1294 was published Apr 25, 2025
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not... High Unreviewed
CVE-2024-6387 was published Jul 1, 2024
Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller... High Unreviewed
CVE-2024-32752 was published Jun 6, 2024
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote... High Unreviewed
CVE-2022-37924 was published Dec 12, 2022
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal. High Unreviewed
CVE-2023-39810 was published Aug 28, 2023
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21338 was published Feb 13, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49138 was published Dec 12, 2024
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c... High Unreviewed
CVE-2025-28025 was published Apr 23, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in... High Unreviewed
CVE-2025-28020 was published Apr 23, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in... High Unreviewed
CVE-2025-28022 was published Apr 23, 2025
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c... High Unreviewed
CVE-2025-28028 was published Apr 23, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in... High Unreviewed
CVE-2025-28021 was published Apr 23, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in... High Unreviewed
CVE-2025-28018 was published Apr 23, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in... High Unreviewed
CVE-2025-28019 was published Apr 23, 2025
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change... High Unreviewed
CVE-2022-44211 was published Dec 2, 2022
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and... High Unreviewed
CVE-2022-35507 was published Dec 4, 2022
Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters. High Unreviewed
CVE-2023-37534 was published Apr 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls allows Stored XSS. This... High Unreviewed
CVE-2025-46466 was published Apr 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS.... High Unreviewed
CVE-2025-46528 was published Apr 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in harrysudana Contact Form 7 Calendar allows... High Unreviewed
CVE-2025-46510 was published Apr 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shamim Hasan Custom Functions Plugin allows... High Unreviewed
CVE-2025-46512 was published Apr 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database