GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,936
Composer 4,478
Erlang 33
GitHub Actions 24
Go 2,208
Maven 5,436
npm 3,865
NuGet 696
pip 3,642
Pub 12
RubyGems 913
Rust 919
Swift 38

Unreviewed advisories

All unreviewed 249,775

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,803 advisories

Filter by severity

Sort by

Least recently updated

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler... Critical Unreviewed

CVE-2025-30004 was published Mar 31, 2025

Unraid 7.0.0 before 7.0.1 allows remote users to access the Unraid WebGUI and web console as root... Critical Unreviewed

CVE-2025-29266 was published Mar 31, 2025

Os command injection vulnerability in e-solutions e-management. This vulnerability allows an... Critical Unreviewed

CVE-2025-3022 was published Mar 31, 2025

A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick... Critical Unreviewed

CVE-2025-2071 was published Mar 31, 2025

Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all... Critical Unreviewed

CVE-2025-26689 was published Mar 31, 2025

Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If... Critical Unreviewed

CVE-2025-25211 was published Mar 31, 2025

SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed

CVE-2025-3011 was published Mar 31, 2025

Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver /... Critical Unreviewed

CVE-2025-1268 was published Mar 31, 2025

Vulnerability in Hewlett Packard Enterprise HPE Insight Cluster Management Utility (CMU).This... Critical Unreviewed

CVE-2024-13804 was published Mar 31, 2025

The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed

CVE-2025-2266 was published Mar 29, 2025

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) via the Scheduled... Critical Unreviewed

CVE-2025-28089 was published Mar 29, 2025

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in the Collection... Critical Unreviewed

CVE-2025-28090 was published Mar 29, 2025

maccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article. Critical Unreviewed

CVE-2025-28091 was published Mar 29, 2025

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr. Critical Unreviewed

CVE-2025-25579 was published Mar 29, 2025

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php. Critical Unreviewed

CVE-2025-28087 was published Mar 29, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-22523 was published Mar 28, 2025

Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics... Critical Unreviewed

CVE-2025-22526 was published Mar 28, 2025

The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all... Critical Unreviewed

CVE-2025-2294 was published Mar 28, 2025

Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... Critical Unreviewed

CVE-2025-22398 was published Mar 28, 2025

Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... Critical Unreviewed

CVE-2025-24383 was published Mar 28, 2025

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler.This issue affects... Critical Unreviewed

CVE-2025-26873 was published Mar 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-26898 was published Mar 28, 2025

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case... Critical Unreviewed

CVE-2025-29306 was published Mar 27, 2025

semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php. Critical Unreviewed

CVE-2025-25686 was published Mar 27, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730 contains a remote command execution vulnerability in the... Critical Unreviewed

CVE-2025-28138 was published Mar 27, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,803 advisories