GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,293
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,954 advisories
The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and...
Critical, Unreviewed. CVE-2024-12583 was published Jan 4, 2025

In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to...
Critical, Unreviewed. CVE-2024-53842 was published Jan 3, 2025

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32...
Critical, Unreviewed. CVE-2025-22376 was published Jan 4, 2025

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate...
Critical, Unreviewed. CVE-2024-55507 was published Jan 3, 2025

An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0...
Critical, Unreviewed. CVE-2024-55078 was published Jan 3, 2025

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c,...
Critical, Unreviewed. CVE-2022-28550 was published Jun 13, 2023

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this...
Critical, Unreviewed. CVE-2023-30762 was published Jun 13, 2023

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,...
Critical, Unreviewed. CVE-2017-18017 was published Apr 30, 2022

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an...
Critical, Unreviewed. CVE-2023-38429 was published Jul 18, 2023

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP...
Critical, Unreviewed. CVE-2016-10229 was published May 17, 2022

Moxa’s cellular routers, secure routers, and network security appliances are affected by a...
Critical, Unreviewed. CVE-2024-9140 was published Jan 3, 2025

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive...
Critical, Unreviewed. CVE-2025-22275 was published Jan 3, 2025

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability.
Critical, Unreviewed. CVE-2022-37968 was published Oct 12, 2022

An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB...
Critical, Unreviewed. CVE-2024-55081 was published Dec 19, 2024

Windows Network File System Remote Code Execution Vulnerability.
Critical, Unreviewed. CVE-2022-30136 was published Jun 16, 2022

Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE...
Critical, Unreviewed. CVE-2022-22012 was published May 11, 2022

Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE...
Critical, Unreviewed. CVE-2022-29130 was published May 11, 2022

Windows Network File System Remote Code Execution Vulnerability.
Critical, Unreviewed. CVE-2022-26937 was published May 11, 2022

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote...
Critical, Unreviewed. CVE-2024-7024 was published Sep 24, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows...
Critical, Unreviewed. CVE-2024-56249 was published Jan 2, 2025

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a ...
Critical, Unreviewed. CVE-2024-56829 was published Jan 2, 2025

The Electronic Official Document Management System from 2100 Technology has an Authentication...
Critical, Unreviewed. CVE-2024-13061 was published Dec 31, 2024

The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API...
Critical, Unreviewed. CVE-2024-11972 was published Dec 31, 2024

SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function...
Critical, Unreviewed. CVE-2024-55461 was published Dec 19, 2024

SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
Critical, Unreviewed. CVE-2024-50713 was published Dec 27, 2024

ProTip! Advisories are also available from the GraphQL API.