GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,894
Erlang: 38
GitHub Actions: 38
Go: 2,556
Maven: 5,000+
npm: 4,228
NuGet: 747
pip: 4,000
Pub: 12
RubyGems: 953
Rust: 1,041
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,668 advisories
Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS)...
Critical
Unreviewed
CVE-2025-49553 was published Oct 15, 2025
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,...
Critical
Unreviewed
CVE-2025-40617 was published Apr 29, 2025
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,...
Critical
Unreviewed
CVE-2025-40618 was published Apr 29, 2025
Bookgy does not provide for proper authorisation control in multiple areas of the application....
Critical
Unreviewed
CVE-2025-40619 was published Apr 29, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2025-52906 was published Sep 24, 2025
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is...
Critical
Unreviewed
CVE-2025-8904 was published Aug 13, 2025
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0...
Critical
Unreviewed
CVE-2025-11462 was published Oct 7, 2025
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized...
Critical
Unreviewed
CVE-2025-59287 was published Oct 14, 2025
A remote, unauthenticated privilege escalation in ibi WebFOCUS allows an attacker to gain...
Critical
Unreviewed
CVE-2025-11548 was published Oct 14, 2025
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate...
Critical
Unreviewed
CVE-2025-49708 was published Oct 14, 2025
A cross-site scripting (XSS) vulnerability in the component /app/marketplace.html of Logseq v0.10...
Critical
Unreviewed
CVE-2025-56683 was published Oct 9, 2025
Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in BSS Software Mobuy...
Critical
Unreviewed
CVE-2024-13152 was published Feb 14, 2025
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical
Unreviewed
CVE-2024-8074 was published Nov 12, 2024
Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission...
Critical
Unreviewed
CVE-2024-0949 was published Jun 27, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord...
Critical
Unreviewed
CVE-2024-1744 was published Sep 6, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-10610 was published Oct 14, 2025
Multiple Broken Authentication security issues exist in the affected product. The security issues...
Critical
Unreviewed
CVE-2025-7328 was published Oct 14, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics...
Critical
Unreviewed
CVE-2024-10035 was published Nov 4, 2024
Improper Access Control vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured...
Critical
Unreviewed
CVE-2024-0336 was published Jun 3, 2024
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <...
Critical
Unreviewed
CVE-2025-40771 was published Oct 14, 2025
A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 <...
Critical
Unreviewed
CVE-2025-40765 was published Oct 14, 2025
ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An...
Critical
Unreviewed
CVE-2025-46581 was published Oct 14, 2025
Due to missing verification of file type or content, SAP Supplier Relationship Management allows...
Critical
Unreviewed
CVE-2025-42910 was published Oct 14, 2025
SAP Print Service (SAPSprint) performs insufficient validation of path information provided by...
Critical
Unreviewed
CVE-2025-42937 was published Oct 14, 2025
Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could...
Critical
Unreviewed
CVE-2025-42944 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API.