GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,778
Erlang: 35
GitHub Actions: 29
Go: 2,332
Maven: 5,000+
npm: 3,966
NuGet: 713
pip: 3,759
Pub: 12
RubyGems: 921
Rust: 975
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
25,895 advisories

The WIMP website co-construction management platform from HAMASTAR Technology has a SQL Injection...
Critical | Unreviewed | CVE-2025-6169 was published Jun 16, 2025

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to...
Critical | Unreviewed | CVE-2025-6065 was published Jun 14, 2025

MCP Inspector proxy server lacks authentication between the Inspector client and proxy
Critical | CVE-2025-49596 was published for @modelcontextprotocol/inspector (npm) Jun 13, 2025

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key...
Critical | Unreviewed | CVE-2025-6030 was published Jun 13, 2025

Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key...
Critical | Unreviewed | CVE-2025-6029 was published Jun 13, 2025

OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account.
Critical | Unreviewed | CVE-2025-28388 was published Jun 13, 2025

Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a...
Critical | Unreviewed | CVE-2025-28389 was published Jun 13, 2025

Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker...
Critical | Unreviewed | CVE-2025-46060 was published Jun 13, 2025

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute...
Critical | Unreviewed | CVE-2025-28384 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL...
Critical | Unreviewed | CVE-2025-45988 was published Jun 13, 2025

Remote code execution that allows unauthorized users to execute arbitrary code on the server...
Critical | Unreviewed | CVE-2025-29902 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL...
Critical | Unreviewed | CVE-2025-45984 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL...
Critical | Unreviewed | CVE-2025-45985 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL...
Critical | Unreviewed | CVE-2025-45987 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL...
Critical | Unreviewed | CVE-2025-45986 was published Jun 13, 2025

Salt vulnerable to directory traversal attack in file receiving method
Critical | CVE-2024-38824 was published for salt (pip) Jun 13, 2025

Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0...
Critical | Unreviewed | CVE-2025-46783 was published Jun 13, 2025

The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for...
Critical | Unreviewed | CVE-2025-5288 was published Jun 13, 2025

XWiki allows SQL injection in query endpoint of REST API with Oracle
Critical | CVE-2024-56158 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 12, 2025

A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was...
Critical | Unreviewed | CVE-2025-49467 was published Jun 12, 2025

The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme,...
Critical | Unreviewed | CVE-2025-4973 was published Jun 12, 2025

Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is...
Critical | Unreviewed | CVE-2022-4976 was published Jun 12, 2025

Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was...
Critical | Unreviewed | CVE-2025-30085 was published Jun 11, 2025

CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed...
Critical | Unreviewed | CVE-2025-40912 was published Jun 11, 2025

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over...
Critical | Unreviewed | CVE-2025-32711 was published Jun 11, 2025

ProTip! Advisories are also available from the GraphQL API.