GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,381
Composer 4,822
Erlang 36
GitHub Actions 32
Go 2,413
Maven 5,809
npm 4,052
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,799

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,095 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2025-6994 was published Aug 6, 2025

Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack... Critical Unreviewed

CVE-2013-10068 was published Aug 5, 2025

The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file... Critical Unreviewed

CVE-2012-10025 was published Aug 5, 2025

A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's... Critical Unreviewed

CVE-2013-10064 was published Aug 5, 2025

WP-Property plugin for WordPress through version 1.35.0 contains an unauthenticated file upload... Critical Unreviewed

CVE-2012-10027 was published Aug 5, 2025

The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary... Critical Unreviewed

CVE-2012-10026 was published Aug 5, 2025

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The... Critical Unreviewed

CVE-2013-10066 was published Aug 5, 2025

An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System... Critical Unreviewed

CVE-2014-125113 was published Aug 5, 2025

PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user... Critical Unreviewed

CVE-2013-10070 was published Aug 5, 2025

Narcissus is vulnerable to remote code execution via improper input handling in its image... Critical Unreviewed

CVE-2012-10033 was published Aug 5, 2025

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote... Critical Unreviewed

CVE-2012-10030 was published Aug 5, 2025

Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the... Critical Unreviewed

CVE-2012-10035 was published Aug 5, 2025

Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload... Critical Unreviewed

CVE-2013-10067 was published Aug 5, 2025

The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev... Critical Unreviewed

CVE-2013-10069 was published Aug 5, 2025

An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index... Critical Unreviewed

CVE-2025-50707 was published Aug 5, 2025

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error... Critical Unreviewed

CVE-2025-46658 was published Aug 5, 2025

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration... Critical Unreviewed

CVE-2025-54253 was published Aug 5, 2025

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui... Critical Unreviewed

CVE-2024-11045 was published Mar 20, 2025

An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed

CVE-2025-27212 was published Aug 5, 2025

The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured... Critical Unreviewed

CVE-2025-51387 was published Aug 4, 2025

Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report... Critical Unreviewed

CVE-2025-50754 was published Aug 4, 2025

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection... Critical Unreviewed

CVE-2025-51390 was published Aug 4, 2025

A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain... Critical Unreviewed

CVE-2025-50341 was published Aug 4, 2025

The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an... Critical Unreviewed

CVE-2025-2611 was published Aug 5, 2025

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre... Critical Unreviewed

CVE-2025-54987 was published Aug 5, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,095 advisories