GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,303
Erlang: 31
GitHub Actions: 21
Go: 2,072
Maven: 5,000+
npm: 3,744
NuGet: 669
pip: 3,430
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,033 advisories
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2024-57225 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2024-57223 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2024-57224 was published Jan 10, 2025

The Call Blocker application 6.6.3 for Android allows unauthorized applications to use exposed...
Critical | Unreviewed | CVE-2023-29727 was published May 31, 2023

An attacker could exploit the 'Use of Password Hash With Insufficient Computational Effort'...
Critical | Unreviewed | CVE-2024-5743 was published Jan 13, 2025

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload...
Critical | Unreviewed | CVE-2024-46479 was published Jan 13, 2025

Deserialization of Untrusted Data vulnerability in GiveWP GiveWP allows Object Injection. This...
Critical | Unreviewed | CVE-2025-22777 was published Jan 13, 2025

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360...
Critical | Unreviewed | CVE-2022-29081 was published Apr 29, 2022

An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to...
Critical | Unreviewed | CVE-2024-25414 was published Feb 16, 2024

An XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved...
Critical | Unreviewed | CVE-2024-25413 was published Feb 16, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP...
Critical | Unreviewed | CVE-2024-12877 was published Jan 11, 2025

An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker...
Critical | Unreviewed | CVE-2025-0103 was published Jan 11, 2025

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32...
Critical | Unreviewed | CVE-2025-22376 was published Jan 4, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A...
Critical | Unreviewed | CVE-2024-12847 was published Jan 10, 2025

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation...
Critical | Unreviewed | CVE-2024-13279 was published Jan 9, 2025

Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing...
Critical | Unreviewed | CVE-2024-13280 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing. This issue...
Critical | Unreviewed | CVE-2024-13281 was published Jan 9, 2025

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call...
Critical | Unreviewed | CVE-2023-28354 was published Jan 10, 2025

An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in...
Critical | Unreviewed | CVE-2024-57687 was published Jan 10, 2025

Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource...
Critical | Unreviewed | CVE-2024-13242 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows...
Critical | Unreviewed | CVE-2024-13258 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows...
Critical | Unreviewed | CVE-2024-13253 was published Jan 9, 2025

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')...
Critical | Unreviewed | CVE-2024-13264 was published Jan 9, 2025

Vulnerability in Drupal wkhtmltopdf. This issue affects wkhtmltopdf: *.*.
Critical | Unreviewed | CVE-2024-13285 was published Jan 9, 2025

Memory corruption in Core Services while executing the command for removing a single event listener.
Critical | Unreviewed | CVE-2023-28578 was published Mar 4, 2024
ProTip! Advisories are also available from the GraphQL API.