GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,078 advisories
The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an...
Critical | Unreviewed | CVE-2025-2611 was published Aug 5, 2025
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre...
Critical | Unreviewed | CVE-2025-54948 was published Aug 5, 2025
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre...
Critical | Unreviewed | CVE-2025-54987 was published Aug 5, 2025
An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on...
Critical | Unreviewed | CVE-2025-54982 was published Aug 5, 2025
DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability
Critical | Unreviewed | CVE-2025-53417 was published Aug 5, 2025
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows...
Critical | Unreviewed | CVE-2025-46093 was published Aug 5, 2025
An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a...
Critical | Unreviewed | CVE-2025-27212 was published Aug 5, 2025
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured...
Critical | Unreviewed | CVE-2025-51387 was published Aug 4, 2025
Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report...
Critical | Unreviewed | CVE-2025-50754 was published Aug 4, 2025
A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain...
Critical | Unreviewed | CVE-2025-50341 was published Aug 4, 2025
An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2025-52239 was published Aug 4, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi...
Critical | Unreviewed | CVE-2025-34147 was published Aug 4, 2025
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2025-51390 was published Aug 4, 2025
In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP...
Critical | Unreviewed | CVE-2025-44961 was published Aug 4, 2025
RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker...
Critical | Unreviewed | CVE-2025-44963 was published Aug 4, 2025
An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and...
Critical | Unreviewed | CVE-2013-10054 was published Aug 4, 2025
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root...
Critical | Unreviewed | CVE-2025-44954 was published Aug 4, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Critical | Unreviewed | CVE-2025-36594 was published Aug 4, 2025
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 was discovered to contain a hardcoded...
Critical | Unreviewed | CVE-2025-51536 was published Aug 4, 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release...
Critical | Unreviewed | CVE-2025-6205 was published Aug 4, 2025
The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in...
Critical | Unreviewed | CVE-2025-7710 was published Aug 2, 2025
Partner Software's Partner Software Product and corresponding Partner Web application use the...
Critical | Unreviewed | CVE-2025-6077 was published Aug 2, 2025
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the...
Critical | Unreviewed | CVE-2013-10060 was published Aug 1, 2025
An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and...
Critical | Unreviewed | CVE-2013-10055 was published Aug 1, 2025
An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically...
Critical | Unreviewed | CVE-2013-10049 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API.