GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,549

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,229 advisories

Filter by severity

Sort by

Least recently updated

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient... Critical Unreviewed

CVE-2025-0357 was published Jan 25, 2025

A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The... Critical Unreviewed

CVE-2024-57328 was published Jan 24, 2025

An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9,... Critical Unreviewed

CVE-2024-55573 was published Jan 24, 2025

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed

CVE-2024-12857 was published Jan 22, 2025

An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x... Critical Unreviewed

CVE-2024-53923 was published Jan 24, 2025

When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could... Critical Unreviewed

CVE-2024-11053 was published Dec 11, 2024

SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion... Critical Unreviewed

CVE-2023-30330 was published May 23, 2023

An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration... Critical Unreviewed

CVE-2023-27823 was published May 12, 2023

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of... Critical Unreviewed

CVE-2024-4223 was published May 16, 2024

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Critical Unreviewed

CVE-2024-29006 was published Apr 4, 2024

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed

CVE-2021-32030 was published May 24, 2022

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a... Critical Unreviewed

CVE-2025-24650 was published Jan 24, 2025

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR)... Critical Unreviewed

CVE-2024-56404 was published Jan 24, 2025

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates... Critical Unreviewed

CVE-2023-24540 was published May 11, 2023

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions... Critical Unreviewed

CVE-2024-13545 was published Jan 24, 2025

In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access... Critical Unreviewed

CVE-2017-13322 was published Jan 18, 2025

SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary... Critical Unreviewed

CVE-2024-25227 was published Mar 15, 2024

The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File... Critical Unreviewed

CVE-2024-26261 was published Feb 15, 2024

The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command... Critical Unreviewed

CVE-2024-26260 was published Feb 15, 2024

An issue found in Agasio-Camera device version not specified allows a remote attacker to execute... Critical Unreviewed

CVE-2023-29862 was published May 15, 2023

The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is... Critical Unreviewed

CVE-2024-42936 was published Jan 21, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-27112 was published Jan 22, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed

CVE-2024-24421 was published Jan 22, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-27113 was published Jan 22, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification... Critical Unreviewed

CVE-2024-57482 was published Jan 15, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,229 advisories