GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,147
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,634

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95,203 advisories

Filter by severity

Sort by

Least recently updated

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to... High Unreviewed

CVE-2025-0543 was published Jan 25, 2025

IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length... High Unreviewed

CVE-2024-39750 was published Jan 25, 2025

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... High Unreviewed

CVE-2024-13562 was published Jan 25, 2025

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed

CVE-2024-12600 was published Jan 25, 2025

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass... High Unreviewed

CVE-2025-0411 was published Jan 25, 2025

The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed

CVE-2025-0682 was published Jan 25, 2025

A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as... High Unreviewed

CVE-2025-0707 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24728 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS.... High Unreviewed

CVE-2025-24756 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode... High Unreviewed

CVE-2025-24636 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24659 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24663 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24672 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24669 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24683 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows... High Unreviewed

CVE-2025-24555 was published Jan 24, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-24570 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS.... High Unreviewed

CVE-2025-24562 was published Jan 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-24587 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This... High Unreviewed

CVE-2025-24561 was published Jan 24, 2025

LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the... High Unreviewed

CVE-2019-15690 was published Jan 24, 2025

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can... High Unreviewed

CVE-2025-23222 was published Jan 24, 2025

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed

CVE-2024-25034 was published Jan 24, 2025

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed

CVE-2024-40693 was published Jan 24, 2025

DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows ... High Unreviewed

CVE-2024-9495 was published Jan 24, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

95,203 advisories