GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,053

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,277 advisories

Filter by severity

Sort by

Least recently updated

Affected products contain a vulnerability in the device cloud rpc command handling process that... Critical Unreviewed

CVE-2025-0680 was published Jan 30, 2025

The affected product is vulnerable to an out-of-bounds write, which could allow an attacker to... Critical Unreviewed

CVE-2024-12248 was published Jan 30, 2025

A malicious actor can fix the session of a PAM user by tricking the user to click on a specially... Critical Unreviewed

CVE-2025-24503 was published Jan 30, 2025

The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS... Critical Unreviewed

CVE-2024-54512 was published Jan 28, 2025

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation... Critical Unreviewed

CVE-2025-0477 was published Jan 30, 2025

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password... Critical Unreviewed

CVE-2022-35898 was published May 1, 2023

The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-13742 was published Jan 30, 2025

The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of... Critical Unreviewed

CVE-2024-12822 was published Jan 30, 2025

An unauthenticated remote attacker can modify configurations to perform a remote code execution... Critical Unreviewed

CVE-2024-25995 was published Mar 12, 2024

Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to... Critical Unreviewed

CVE-2025-21415 was published Jan 30, 2025

The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is... Critical Unreviewed

CVE-2024-40422 was published Jul 24, 2024

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command... Critical Unreviewed

CVE-2023-29944 was published May 8, 2023

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13... Critical Unreviewed

CVE-2023-28201 was published May 8, 2023

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L... Critical Unreviewed

CVE-2021-45382 was published Feb 18, 2022

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed

CVE-2022-0543 was published Feb 19, 2022

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x... Critical Unreviewed

CVE-2021-22986 was published May 24, 2022

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x... Critical Unreviewed

CVE-2021-22991 was published May 24, 2022

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version... Critical Unreviewed

CVE-2025-20014 was published Jan 29, 2025

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email... Critical Unreviewed

CVE-2025-20061 was published Jan 29, 2025

The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-10284 was published Nov 9, 2024

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component... Critical Unreviewed

CVE-2024-55192 was published Jan 24, 2025

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP... Critical Unreviewed

CVE-2022-37042 was published Aug 13, 2022

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET... Critical Unreviewed

CVE-2023-25717 was published Feb 13, 2023

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2022-29303 was published May 13, 2022

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A... Critical Unreviewed

CVE-2021-22005 was published May 24, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,277 advisories