Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

25,748 advisories

Loading
Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows... Critical Unreviewed
CVE-2025-2407 was published May 27, 2025
The devices are vulnerable to an authentication bypass due to flaws in the authorization... Critical Unreviewed
CVE-2025-41652 was published May 27, 2025
Due to missing authentication on a critical function of the devices an unauthenticated remote... Critical Unreviewed
CVE-2025-41651 was published May 27, 2025
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke... Critical Unreviewed
CVE-2025-48827 was published May 27, 2025
Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing... Critical Unreviewed
CVE-2025-48828 was published May 27, 2025
A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows... Critical Unreviewed
CVE-2025-23394 was published May 26, 2025
Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to... Critical Unreviewed
CVE-2025-40664 was published May 26, 2025
SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an... Critical Unreviewed
CVE-2025-40671 was published May 26, 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer... Critical Unreviewed
CVE-2025-35003 was published May 26, 2025
Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers... Critical Unreviewed
CVE-2025-2146 was published May 26, 2025
A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC... Critical Unreviewed
CVE-2025-5124 was published May 24, 2025
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-5058 was published May 24, 2025
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-4603 was published May 24, 2025
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Critical Unreviewed
CVE-2024-51101 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48283 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object... Critical Unreviewed
CVE-2025-48289 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros - Pagaleve allows... Critical Unreviewed
CVE-2025-48287 was published May 23, 2025
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW... Critical Unreviewed
CVE-2025-47646 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for... Critical Unreviewed
CVE-2025-47687 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress... Critical Unreviewed
CVE-2025-47658 was published May 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management... Critical Unreviewed
CVE-2025-47663 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds allows Object Injection.... Critical Unreviewed
CVE-2025-47568 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation.... Critical Unreviewed
CVE-2025-47539 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway... Critical Unreviewed
CVE-2025-47532 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels allows Object Injection.... Critical Unreviewed
CVE-2025-47530 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database