GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,298
Erlang: 31
GitHub Actions: 21
Go: 2,063
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,424
Pub: 12
RubyGems: 892
Rust: 876
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,957 advisories
Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zb_users\theme\shell\template.
Critical | Unreviewed | CVE-2024-55529 was published Jan 6, 2025
Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a...
Critical | Unreviewed | CVE-2024-48956 was published Dec 9, 2024
The go command may execute arbitrary code at build time when using cgo. This may occur when...
Critical | Unreviewed | CVE-2023-29404 was published Jun 8, 2023
Incorrect access control in the administrative functionalities of BES--6024PB-I50H1 VideoPlayTool...
Critical | Unreviewed | CVE-2023-33443 was published Jun 8, 2023
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly which attackers can use to...
Critical | Unreviewed | CVE-2024-5594 was published Jan 6, 2025
Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
Critical | Unreviewed | CVE-2023-32220 was published Jun 12, 2023
An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network...
Critical | Unreviewed | CVE-2023-27716 was published Jun 12, 2023
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1...
Critical | Unreviewed | CVE-2023-35034 was published Jun 12, 2023
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This...
Critical | Unreviewed | CVE-2024-20148 was published Jan 6, 2025
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command...
Critical | Unreviewed | CVE-2022-37056 was published Aug 29, 2022
D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing...
Critical | Unreviewed | CVE-2019-10891 was published May 24, 2022
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to...
Critical | Unreviewed | CVE-2022-37057 was published Aug 29, 2022
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main...
Critical | Unreviewed | CVE-2024-33112 was published May 6, 2024
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer...
Critical | Unreviewed | CVE-2022-37055 was published Aug 29, 2022
The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and...
Critical | Unreviewed | CVE-2024-12583 was published Jan 4, 2025
In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to...
Critical | Unreviewed | CVE-2024-53842 was published Jan 3, 2025
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32...
Critical | Unreviewed | CVE-2025-22376 was published Jan 4, 2025
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate...
Critical | Unreviewed | CVE-2024-55507 was published Jan 3, 2025
An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0...
Critical | Unreviewed | CVE-2024-55078 was published Jan 3, 2025
Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c,...
Critical | Unreviewed | CVE-2022-28550 was published Jun 13, 2023
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this...
Critical | Unreviewed | CVE-2023-30762 was published Jun 13, 2023
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,...
Critical | Unreviewed | CVE-2017-18017 was published Apr 30, 2022
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an...
Critical | Unreviewed | CVE-2023-38429 was published Jul 18, 2023
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP...
Critical | Unreviewed | CVE-2016-10229 was published May 17, 2022
Moxa’s cellular routers, secure routers, and network security appliances are affected by a...
Critical | Unreviewed | CVE-2024-9140 was published Jan 3, 2025
ProTip! Advisories are also available from the GraphQL API.