GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,746
Maven: 5,000+
npm: 4,346
NuGet: 765
pip: 4,113
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,217 advisories

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view...
Critical, Unreviewed. CVE-2024-58307 was published Dec 12, 2025

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to...
Critical, Unreviewed. CVE-2024-58308 was published Dec 12, 2025

Xhibiter NFT Marketplace 1.10.2 contains a SQL injection vulnerability in the collections...
Critical, Unreviewed. CVE-2024-58290 was published Dec 12, 2025

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject...
Critical, Unreviewed. CVE-2024-58286 was published Dec 12, 2025

Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability...
Critical, Unreviewed. CVE-2024-58298 was published Dec 12, 2025

Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to...
Critical, Unreviewed. CVE-2024-58301 was published Dec 12, 2025

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that...
Critical, Unreviewed. CVE-2025-13780 was published Dec 11, 2025

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6...
Critical, Unreviewed. CVE-2025-65473 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66048 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66043 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66047 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66045 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66044 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of...
Critical, Unreviewed. CVE-2025-66046 was published Dec 11, 2025

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within...
Critical, Unreviewed. CVE-2025-14265 was published Dec 11, 2025

The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to...
Critical, Unreviewed. CVE-2025-13764 was published Dec 11, 2025

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025...
Critical, Unreviewed. CVE-2025-65294 was published Dec 11, 2025

The mobile application was found to contain stored credentials for the network it was developed...
Critical, Unreviewed. CVE-2025-65826 was published Dec 10, 2025

The mobile application is configured to allow clear text traffic to all domains and communicates...
Critical, Unreviewed. CVE-2025-65827 was published Dec 10, 2025

The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for...
Critical, Unreviewed. CVE-2025-65823 was published Dec 10, 2025

Due to a lack of certificate validation, all traffic from the mobile application can be...
Critical, Unreviewed. CVE-2025-65830 was published Dec 10, 2025

Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation...
Critical, Unreviewed. CVE-2020-36892 was published Dec 10, 2025

UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that...
Critical, Unreviewed. CVE-2020-36902 was published Dec 10, 2025

Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that...
Critical, Unreviewed. CVE-2020-36894 was published Dec 10, 2025

Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient...
Critical, Unreviewed. CVE-2020-36885 was published Dec 10, 2025

ProTip! Advisories are also available from the GraphQL API