GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,282 advisories
Synnefo Internet Management Software 2023 was discovered to contain a SQL injection vulnerability.
Critical | Unreviewed | CVE-2023-37777 was published Jan 22, 2025
Password Vulnerability in Safety production process management system v1.0 allows a remote...
Critical | Unreviewed | CVE-2024-57395 was published Jan 30, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:...
Critical | Unreviewed | CVE-2025-21524 was published Jan 21, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to...
Critical | Unreviewed | CVE-2024-47891 was published Jan 31, 2025
The affected product is vulnerable to an out-of-bounds write, which could allow an attacker to...
Critical | Unreviewed | CVE-2024-12248 was published Jan 30, 2025
A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2...
Critical | Unreviewed | CVE-2023-37936 was published Jan 14, 2025
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could...
Critical | Unreviewed | CVE-2024-11053 was published Dec 11, 2024
SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to...
Critical | Unreviewed | CVE-2025-0929 was published Jan 31, 2025
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer...
Critical | Unreviewed | CVE-2023-23305 was published May 23, 2023
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a...
Critical | Unreviewed | CVE-2023-23304 was published May 23, 2023
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products...
Critical | Unreviewed | CVE-2023-27388 was published May 23, 2023
An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2023-29861 was published May 15, 2023
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress...
Critical | Unreviewed | CVE-2025-0493 was published Jan 31, 2025
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions...
Critical | Unreviewed | CVE-2024-1813 was published Apr 9, 2024
Affected products contain a vulnerability in the device cloud rpc command handling process that...
Critical | Unreviewed | CVE-2025-0680 was published Jan 30, 2025
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially...
Critical | Unreviewed | CVE-2025-24503 was published Jan 30, 2025
The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS...
Critical | Unreviewed | CVE-2024-54512 was published Jan 28, 2025
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation...
Critical | Unreviewed | CVE-2025-0477 was published Jan 30, 2025
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password...
Critical | Unreviewed | CVE-2022-35898 was published May 1, 2023
The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object...
Critical | Unreviewed | CVE-2024-13742 was published Jan 30, 2025
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of...
Critical | Unreviewed | CVE-2024-12822 was published Jan 30, 2025
An unauthenticated remote attacker can modify configurations to perform a remote code execution...
Critical | Unreviewed | CVE-2024-25995 was published Mar 12, 2024
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to...
Critical | Unreviewed | CVE-2025-21415 was published Jan 30, 2025
The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is...
Critical | Unreviewed | CVE-2024-40422 was published Jul 24, 2024
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13...
Critical | Unreviewed | CVE-2023-28201 was published May 8, 2023
ProTip! Advisories are also available from the GraphQL API.