GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,358
Composer 4,819
Erlang 36
GitHub Actions 32
Go 2,410
Maven 5,802
npm 4,046
NuGet 723
pip 3,842
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,447

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

264,447 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to... Moderate Unreviewed

CVE-2025-7694 was published Aug 2, 2025

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-8146 was published Aug 2, 2025

Partner Software's Partner Software application and Partner Web application do not sanitize files... Unknown Unreviewed

CVE-2025-6076 was published Aug 2, 2025

Partner Software's Partner Software Product and corresponding Partner Web application use the... Unknown Unreviewed

CVE-2025-6077 was published Aug 2, 2025

Partner Software's Partner Software application and Partner Web application allows an... Unknown Unreviewed

CVE-2025-6078 was published Aug 2, 2025

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local... High Unreviewed

CVE-2025-0217 was published May 5, 2025

Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on... High Unreviewed

CVE-2025-4613 was published Jun 12, 2025

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531... High Unreviewed

CVE-2025-6337 was published Jun 20, 2025

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected... Low Unreviewed

CVE-2024-13978 was published Aug 2, 2025

Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the... Critical Unreviewed

CVE-2025-50870 was published Aug 1, 2025

Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that... High Unreviewed

CVE-2012-10022 was published Aug 1, 2025

An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low... High Unreviewed

CVE-2013-10044 was published Aug 1, 2025

A remote command execution vulnerability exists in ZPanel version 10.0.0.2 in its htpasswd module... High Unreviewed

CVE-2013-10053 was published Aug 1, 2025

A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control ... High Unreviewed

CVE-2013-10057 was published Aug 1, 2025

An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows... Critical Unreviewed

CVE-2013-10047 was published Aug 1, 2025

An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev... High Unreviewed

CVE-2013-10050 was published Aug 1, 2025

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the... High Unreviewed

CVE-2013-10061 was published Aug 1, 2025

An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and... Critical Unreviewed

CVE-2013-10055 was published Aug 1, 2025

An authenticated OS command injection vulnerability exists in various Linksys router models ... High Unreviewed

CVE-2013-10058 was published Aug 1, 2025

An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300... Critical Unreviewed

CVE-2013-10048 was published Aug 1, 2025

An authenticated OS command injection vulnerability exists in various D-Link routers (tested on... High Unreviewed

CVE-2013-10059 was published Aug 1, 2025

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0... Moderate Unreviewed

CVE-2013-10063 was published Aug 1, 2025

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the... Critical Unreviewed

CVE-2013-10060 was published Aug 1, 2025

A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500... Moderate Unreviewed

CVE-2013-10062 was published Aug 1, 2025

An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically... Critical Unreviewed

CVE-2013-10049 was published Aug 1, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

264,447 advisories