GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,901

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,913 advisories

Filter by severity

Sort by

Least recently updated

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build... Critical Unreviewed

CVE-2017-7921 was published May 17, 2022

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent... Critical Unreviewed

CVE-2017-8923 was published May 14, 2022

SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System... Critical Unreviewed

CVE-2020-25952 was published May 24, 2022

An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0... Critical Unreviewed

CVE-2021-46200 was published Jan 22, 2022

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as... Critical Unreviewed

CVE-2017-12588 was published May 17, 2022

SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote... Critical Unreviewed

CVE-2024-55509 was published Dec 20, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script... Critical Unreviewed

CVE-2024-12652 was published Dec 26, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-8950 was published Dec 25, 2024

The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed

CVE-2024-11281 was published Dec 25, 2024

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build... Critical Unreviewed

CVE-2024-25255 was published Nov 12, 2024

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can... Critical Unreviewed

CVE-2024-40896 was published Dec 23, 2024

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be... Critical Unreviewed

CVE-2024-46873 was published Dec 23, 2024

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed

CVE-2024-11349 was published Dec 21, 2024

A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project... Critical Unreviewed

CVE-2024-55496 was published Dec 17, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16... Critical Unreviewed

CVE-2023-7028 was published Jan 12, 2024

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC... Critical Unreviewed

CVE-2023-34048 was published Oct 25, 2023

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A... Critical Unreviewed

CVE-2024-21855 was published Dec 20, 2024

A unrestricted upload of file with dangerous type vulnerability in epaper draft function in... Critical Unreviewed

CVE-2024-11984 was published Dec 19, 2024

A deserialization of untrusted data vulnerability with a malicious payload can allow an... Critical Unreviewed

CVE-2024-40711 was published Sep 7, 2024

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed

CVE-2024-55956 was published Dec 13, 2024

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an... Critical Unreviewed

CVE-2024-51466 was published Dec 20, 2024

The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is... Critical Unreviewed

CVE-2024-12571 was published Dec 20, 2024

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or... Critical Unreviewed

CVE-2014-6287 was published May 13, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,913 advisories