GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,350
Composer 4,652
Erlang 34
GitHub Actions 26
Go 2,257
Maven 5,512
npm 3,909
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,217

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,127 advisories

Filter by severity

Sort by

Least recently updated

Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer... Critical Unreviewed

CVE-2025-26382 was published Apr 24, 2025

Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution ... Critical Unreviewed

CVE-2022-43333 was published Dec 2, 2022

Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when... Critical Unreviewed

CVE-2022-35508 was published Dec 4, 2022

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote... Critical Unreviewed

CVE-2024-0864 was published Feb 29, 2024

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization,... Critical Unreviewed

CVE-2025-31324 was published Apr 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-46248 was published Apr 24, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Angelo Mandato PowerPress... Critical Unreviewed

CVE-2025-46264 was published Apr 24, 2025

SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps... Critical Unreviewed

CVE-2024-52675 was published Nov 19, 2024

Telepad allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed

CVE-2022-45477 was published Dec 5, 2022

The default configuration of Lazy Mouse does not require a password, allowing remote... Critical Unreviewed

CVE-2022-45481 was published Dec 5, 2022

A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that... Critical Unreviewed

CVE-2022-27773 was published Dec 6, 2022

Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+... Critical Unreviewed

CVE-2022-40918 was published Dec 6, 2022

D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-44928 was published Dec 2, 2022

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute... Critical Unreviewed

CVE-2023-49032 was published Dec 21, 2023

D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-44930 was published Dec 2, 2022

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... Critical Unreviewed

CVE-2022-46414 was published Dec 4, 2022

Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting,... Critical Unreviewed

CVE-2022-45482 was published Dec 2, 2022

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to... Critical Unreviewed

CVE-2022-44929 was published Dec 2, 2022

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed

CVE-2025-3604 was published Apr 24, 2025

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed

CVE-2025-3065 was published Apr 24, 2025

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed

CVE-2025-3603 was published Apr 24, 2025

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated... Critical Unreviewed

CVE-2021-36471 was published Feb 8, 2023

FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based... Critical Unreviewed

CVE-2025-23016 was published Jan 10, 2025

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication... Critical Unreviewed

CVE-2022-0547 was published Mar 19, 2022

A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3),... Critical Unreviewed

CVE-2021-27391 was published May 24, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,127 advisories