GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,347
Erlang: 31
GitHub Actions: 22
Go: 2,117
Maven: 5,000+
npm: 3,768
NuGet: 680
pip: 3,457
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,325 advisories
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB...
Critical | Unreviewed | CVE-2024-51547 was published Feb 6, 2025

IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker...
Critical | Unreviewed | CVE-2024-51450 was published Feb 6, 2025

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid...
Critical | Unreviewed | CVE-2025-20125 was published Feb 5, 2025

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute...
Critical | Unreviewed | CVE-2025-20124 was published Feb 5, 2025

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...
Critical | Unreviewed | CVE-2025-0665 was published Feb 5, 2025

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute...
Critical | Unreviewed | CVE-2025-23114 was published Feb 5, 2025

AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which...
Critical | Unreviewed | CVE-2025-0960 was published Feb 4, 2025

BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated...
Critical | Unreviewed | CVE-2025-0364 was published Feb 4, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in WPSpins Post/Page...
Critical | Unreviewed | CVE-2025-24677 was published Feb 4, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-22699 was published Feb 4, 2025

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass...
Critical | Unreviewed | CVE-2024-9644 was published Feb 4, 2025

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to...
Critical | Unreviewed | CVE-2024-9643 was published Feb 4, 2025

A race during concurrent delazification could have led to a use-after-free. This vulnerability...
Critical | Unreviewed | CVE-2025-1012 was published Feb 4, 2025

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially...
Critical | Unreviewed | CVE-2025-1009 was published Feb 4, 2025

A bug in WebAssembly code generation could have led to a crash. It may have been possible for an...
Critical | Unreviewed | CVE-2025-1011 was published Feb 4, 2025

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a...
Critical | Unreviewed | CVE-2025-1010 was published Feb 4, 2025

**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy...
Critical | Unreviewed | CVE-2025-0890 was published Feb 4, 2025

Improper control of generation of code in the sourcerer extension for Joomla in versions before...
Critical | Unreviewed | CVE-2025-22204 was published Feb 4, 2025

Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to...
Critical | Unreviewed | CVE-2024-57968 was published Feb 3, 2025

SQL injection vulnerability in the ZimbraSyncService SOAP endpoint in Zimbra Collaboration 10.0.x...
Critical | Unreviewed | CVE-2025-25064 was published Feb 3, 2025

eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module.
Critical | Unreviewed | CVE-2025-22978 was published Feb 3, 2025

Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully...
Critical | Unreviewed | CVE-2024-57098 was published Feb 3, 2025

ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by...
Critical | Unreviewed | CVE-2024-57099 was published Feb 3, 2025

ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function.
Critical | Unreviewed | CVE-2024-57450 was published Feb 3, 2025

Memory corruption while parsing the ML IE due to invalid frame content.
Critical | Unreviewed | CVE-2024-45569 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API