GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,746
Maven: 5,000+
npm: 4,346
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106,696 advisories
APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated...
High | Unreviewed | CVE-2024-58310 was published Dec 12, 2025

xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote...
High | Unreviewed | CVE-2024-58309 was published Dec 12, 2025

xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to...
High | Unreviewed | CVE-2024-58312 was published Dec 12, 2025

minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash...
High | Unreviewed | CVE-2024-58306 was published Dec 12, 2025

xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers...
High | Unreviewed | CVE-2024-58313 was published Dec 12, 2025

WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability...
High | Unreviewed | CVE-2025-34506 was published Dec 12, 2025

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows...
High | Unreviewed | CVE-2024-58303 was published Dec 12, 2025

ElkArte Forum 1.1.9 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58295 was published Dec 12, 2025

reNgine 2.2.0 contains a command injection vulnerability in the nmap_cmd parameter of scan engine...
High | Unreviewed | CVE-2024-58287 was published Dec 12, 2025

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated...
High | Unreviewed | CVE-2024-58293 was published Dec 12, 2025

FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that...
High | Unreviewed | CVE-2024-58294 was published Dec 12, 2025

Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability...
High | Unreviewed | CVE-2024-58300 was published Dec 12, 2025

Genexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the...
High | Unreviewed | CVE-2024-58288 was published Dec 12, 2025

In aoc_service_read_message of aoc_ipc_core.c, there is a possible out of bounds read due to...
High | Unreviewed | CVE-2025-36918 was published Dec 11, 2025

In aocc_read of aoc_channel_dev.c, there is a possible double free due to improper locking. This...
High | Unreviewed | CVE-2025-36919 was published Dec 11, 2025

IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A remote attacker...
High | Unreviewed | CVE-2025-13214 was published Dec 11, 2025

In NrmmDecoder::DecodeSORTransparentContext of cn_NrmmDecoder.cpp, there is a possible out of...
High | Unreviewed | CVE-2025-36923 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), a Use After Free vulnerability can be exploited...
High | Unreviewed | CVE-2025-66585 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-bounds Write vulnerability can be...
High | Unreviewed | CVE-2025-66590 was published Dec 11, 2025

A vulnerability was identified in UTT 进取 512W up to 3.1.7.7-171114. Affected is the function...
High | Unreviewed | CVE-2025-14535 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Resource Using Incompatible Type...
High | Unreviewed | CVE-2025-66586 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), a Stack-Based Buffer Overflow vulnerability can...
High | Unreviewed | CVE-2025-66584 was published Dec 11, 2025

In PrepareWorkloadBuffers of gxp_main_actor.cc, there is a possible double fetch due to a race...
High | Unreviewed | CVE-2025-36916 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), the affected application is vulnerable to...
High | Unreviewed | CVE-2025-66587 was published Dec 11, 2025

In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Uninitialized Pointer...
High | Unreviewed | CVE-2025-66588 was published Dec 11, 2025
ProTip! Advisories are also available from the GraphQL API.