GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,412 advisories
The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through...
Critical
Unreviewed
CVE-2025-26793
was published
Feb 15, 2025
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to...
Critical
Unreviewed
CVE-2024-12562
was published
Feb 15, 2025
The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2024-13513
was published
Feb 15, 2025
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially...
Critical
Unreviewed
CVE-2025-26506
was published
Feb 14, 2025
The standard user uses the run as function to start the MEAC applications with administrative...
Critical
Unreviewed
CVE-2025-0867
was published
Feb 14, 2025
Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in BSS Software Mobuy...
Critical
Unreviewed
CVE-2024-13152
was published
Feb 14, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2025-22630
was published
Feb 14, 2025
The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login...
Critical
Unreviewed
CVE-2025-1283
was published
Feb 14, 2025
mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain...
Critical
Unreviewed
CVE-2025-22896
was published
Feb 14, 2025
mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote...
Critical
Unreviewed
CVE-2025-25067
was published
Feb 14, 2025
The administrative web interface of mySCADA myPRO Manager can be accessed without...
Critical
Unreviewed
CVE-2025-24865
was published
Feb 14, 2025
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB....
Critical
Unreviewed
CVE-2023-34399
was published
Feb 14, 2025
The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged...
Critical
Unreviewed
CVE-2025-1127
was published
Feb 13, 2025
A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record...
Critical
Unreviewed
CVE-2025-25388
was published
Feb 13, 2025
A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record...
Critical
Unreviewed
CVE-2025-25389
was published
Feb 13, 2025
Insecure direct object reference (IDOR) vulnerability in Anapi Group's h6web, allows an...
Critical
Unreviewed
CVE-2025-1270
was published
Feb 13, 2025
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all...
Critical
Unreviewed
CVE-2024-13182
was published
Feb 13, 2025
The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical
Unreviewed
CVE-2024-10763
was published
Feb 13, 2025
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote...
Critical
Unreviewed
CVE-2025-0896
was published
Feb 13, 2025
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0...
Critical
Unreviewed
CVE-2024-7102
was published
Feb 13, 2025
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the...
Critical
Unreviewed
CVE-2024-57604
was published
Feb 13, 2025
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO:...
Critical
Unreviewed
CVE-2022-31631
was published
Feb 13, 2025
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense...
Critical
Unreviewed
CVE-2025-25349
was published
Feb 12, 2025
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense...
Critical
Unreviewed
CVE-2025-25351
was published
Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free...
Critical
Unreviewed
CVE-2025-26361
was published
Feb 12, 2025
ProTip! Advisories are also available from the GraphQL API.