GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,356
Erlang: 33
GitHub Actions: 22
Go: 2,121
Maven: 5,000+
npm: 3,783
NuGet: 683
pip: 3,465
Pub: 12
RubyGems: 893
Rust: 892
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,369 advisories
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Critical, Unreviewed. CVE-2018-19873 was published May 13, 2022

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This...
Critical, Unreviewed. CVE-2023-27718 was published Apr 9, 2023

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the...
Critical, Unreviewed. CVE-2022-1586 was published May 17, 2022

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows...
Critical, Unreviewed. CVE-2025-1044 was published Feb 11, 2025

In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all...
Critical, Unreviewed. CVE-2024-1403 was published Feb 27, 2024

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via...
Critical, Unreviewed. CVE-2023-26822 was published Apr 2, 2023

Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are...
Critical, Unreviewed. CVE-2025-24434 was published Feb 11, 2025

OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote...
Critical, Unreviewed. CVE-2024-47908 was published Feb 11, 2025

Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before...
Critical, Unreviewed. CVE-2024-10644 was published Feb 11, 2025

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote...
Critical, Unreviewed. CVE-2025-22467 was published Feb 11, 2025

Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2025-21198 was published Feb 11, 2025

A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the...
Critical, Unreviewed. CVE-2025-1126 was published Feb 11, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2024-30502 was published Mar 29, 2024

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute...
Critical, Unreviewed. CVE-2023-27650 was published Apr 10, 2023

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root...
Critical, Unreviewed. CVE-2025-26410 was published Feb 11, 2025

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up...
Critical, Unreviewed. CVE-2025-0180 was published Feb 11, 2025

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover...
Critical, Unreviewed. CVE-2025-0181 was published Feb 11, 2025

School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing...
Critical, Unreviewed. CVE-2025-1144 was published Feb 11, 2025

When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of...
Critical, Unreviewed. CVE-2024-54852 was published Jan 30, 2025

An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain...
Critical, Unreviewed. CVE-2024-24116 was published Oct 2, 2024

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical, Unreviewed. CVE-2024-28075 was published May 14, 2024

Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command...
Critical, Unreviewed. CVE-2024-21815 was published Mar 5, 2024

An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote...
Critical, Unreviewed. CVE-2023-27645 was published Apr 11, 2023

The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical, Unreviewed. CVE-2024-13011 was published Feb 10, 2025

An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9...
Critical, Unreviewed. CVE-2023-1708 was published Apr 5, 2023

ProTip! Advisories are also available from the GraphQL API.