GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
264,791 advisories
Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to...
Severity: Moderate (Unreviewed)
CVE-2019-8394 was published May 14, 2022
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which...
Severity: High (Unreviewed)
CVE-2019-16256 was published May 24, 2022
The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command...
Severity: High (Unreviewed)
CVE-2019-16057 was published May 24, 2022
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter...
Severity: High (Unreviewed)
CVE-2019-16759 was published May 24, 2022
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross...
Severity: Moderate (Unreviewed)
CVE-2024-40700 was published Feb 4, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or...
Severity: Moderate (Unreviewed)
CVE-2024-43187 was published Feb 4, 2025
Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a...
Severity: Unknown (Unreviewed)
CVE-2025-0451 was published Feb 4, 2025
Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a local...
Severity: Moderate (Unreviewed)
CVE-2025-0630 was published Feb 4, 2025
Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to...
Severity: Unknown (Unreviewed)
CVE-2025-0444 was published Feb 4, 2025
AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which...
Severity: Critical (Unreviewed)
CVE-2025-0960 was published Feb 4, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local...
Severity: Moderate (Unreviewed)
CVE-2024-45657 was published Feb 4, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross...
Severity: Moderate (Unreviewed)
CVE-2024-35138 was published Feb 4, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote...
Severity: Low (Unreviewed)
CVE-2024-45658 was published Feb 4, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows...
Severity: Moderate (Unreviewed)
CVE-2025-22206 was published Feb 4, 2025
Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to...
Severity: Unknown (Unreviewed)
CVE-2025-0445 was published Feb 4, 2025
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy...
Severity: Moderate (Unreviewed)
CVE-2025-25039 was published Feb 4, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or...
Severity: Unknown (Unreviewed)
CVE-2024-48019 was published Feb 4, 2025
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller...
Severity: High (Unreviewed)
CVE-2024-57452 was published Feb 3, 2025
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to...
Severity: Moderate (Unreviewed)
CVE-2024-57498 was published Feb 3, 2025
The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is...
Severity: Moderate (Unreviewed)
CVE-2024-13096 was published Feb 1, 2025
The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise...
Severity: Moderate (Unreviewed)
CVE-2024-13114 was published Feb 4, 2025
The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a...
Severity: Moderate (Unreviewed)
CVE-2024-13098 was published Feb 1, 2025
The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before...
Severity: Moderate (Unreviewed)
CVE-2024-13325 was published Feb 4, 2025
The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain...
Severity: Moderate (Unreviewed)
CVE-2025-0938 was published Jan 31, 2025
The iBuildApp WordPress plugin through 0.2.0 does not sanitise and escape a parameter before...
Severity: Moderate (Unreviewed)
CVE-2024-13326 was published Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API.