GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,123 advisories
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover...
Critical | Unreviewed | CVE-2025-3604 was published Apr 24, 2025
The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file...
Critical | Unreviewed | CVE-2025-3065 was published Apr 24, 2025
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover...
Critical | Unreviewed | CVE-2025-3603 was published Apr 24, 2025
In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow...
Critical | Unreviewed | CVE-2025-45429 was published Apr 23, 2025
In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform...
Critical | Unreviewed | CVE-2025-45428 was published Apr 23, 2025
In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform...
Critical | Unreviewed | CVE-2025-45427 was published Apr 23, 2025
This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on...
Critical | Unreviewed | CVE-2025-42605 was published Apr 23, 2025
A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an...
Critical | Unreviewed | CVE-2025-37087 was published Apr 22, 2025
LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve...
Critical | Unreviewed | CVE-2025-43951 was published Apr 22, 2025
MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection...
Critical | Unreviewed | CVE-2025-43949 was published Apr 22, 2025
TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with...
Critical | Unreviewed | CVE-2025-43946 was published Apr 22, 2025
TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28035 was published Apr 22, 2025
TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28036 was published Apr 22, 2025
A path traversal vulnerability in Commvault Command Center Innovation Release allows an...
Critical | Unreviewed | CVE-2025-34028 was published Apr 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28039 was published Apr 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28038 was published Apr 22, 2025
An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php...
Critical | Unreviewed | CVE-2023-43958 was published Apr 22, 2025
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass...
Critical | Unreviewed | CVE-2023-44752 was published Apr 22, 2025
Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-44755 was published Apr 22, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in...
Critical | Unreviewed | CVE-2025-28024 was published Apr 22, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a...
Critical | Unreviewed | CVE-2025-28037 was published Apr 22, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu...
Critical | Unreviewed | CVE-2025-28034 was published Apr 22, 2025
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a...
Critical | Unreviewed | CVE-2024-40446 was published Apr 22, 2025
IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local...
Critical | Unreviewed | CVE-2025-1950 was published Apr 22, 2025
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
Critical | Unreviewed | CVE-2024-58250 was published Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API.