GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,688
Composer 4,731
Erlang 35
GitHub Actions 29
Go 2,308
Maven 5,597
npm 3,949
NuGet 711
pip 3,727
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,355

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,452 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An authenticated user can perform command injection via unsanitized input to the NetFax Server’s... Critical Unreviewed

CVE-2025-48047 was published May 29, 2025

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi... Critical Unreviewed

CVE-2025-3755 was published May 29, 2025

Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03... Critical Unreviewed

CVE-2025-48749 was published May 28, 2025

An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2025-45343 was published May 28, 2025

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to... Critical Unreviewed

CVE-2025-3357 was published May 28, 2025

aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that... Critical Unreviewed

CVE-2025-5277 was published May 28, 2025

The Evertz SVDN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed

CVE-2025-4009 was published May 28, 2025

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6... Critical Unreviewed

CVE-2025-22252 was published May 28, 2025

The devices are vulnerable to an authentication bypass due to flaws in the authorization... Critical Unreviewed

CVE-2025-41652 was published May 27, 2025

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows... Critical Unreviewed

CVE-2025-2407 was published May 27, 2025

Due to missing authentication on a critical function of the devices an unauthenticated remote... Critical Unreviewed

CVE-2025-41651 was published May 27, 2025

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke... Critical Unreviewed

CVE-2025-48827 was published May 27, 2025

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing... Critical Unreviewed

CVE-2025-48828 was published May 27, 2025

A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows... Critical Unreviewed

CVE-2025-23394 was published May 26, 2025

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to... Critical Unreviewed

CVE-2025-40664 was published May 26, 2025

SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an... Critical Unreviewed

CVE-2025-40671 was published May 26, 2025

Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer... Critical Unreviewed

CVE-2025-35003 was published May 26, 2025

Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers... Critical Unreviewed

CVE-2025-2146 was published May 26, 2025

A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC... Critical Unreviewed

CVE-2025-5124 was published May 24, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-5058 was published May 24, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-4603 was published May 24, 2025

An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-51360 was published May 23, 2025

PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Critical Unreviewed

CVE-2024-51101 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-48283 was published May 23, 2025

Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object... Critical Unreviewed

CVE-2025-48289 was published May 23, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,452 advisories