Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

96,055 advisories

Loading
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE)... High Unreviewed
CVE-2025-1302 was published Feb 15, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 ... High Unreviewed
CVE-2024-5461 was published Feb 15, 2025
Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections. High Unreviewed
CVE-2025-26819 was published Feb 15, 2025
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by... High Unreviewed
CVE-2025-0593 was published Feb 14, 2025
Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before... High Unreviewed
CVE-2022-26083 was published Feb 14, 2025
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by... High Unreviewed
CVE-2025-0592 was published Feb 14, 2025
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially... High Unreviewed
CVE-2025-26508 was published Feb 14, 2025
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online... High Unreviewed
CVE-2025-26156 was published Feb 14, 2025
Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows... High Unreviewed
CVE-2024-8893 was published Feb 14, 2025
Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2025-25997 was published Feb 14, 2025
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability... High Unreviewed
CVE-2025-25745 was published Feb 14, 2025
Exposed Dangerous Method or Function vulnerability in PTT Inc. HGS Mobile App allows Manipulating... High Unreviewed
CVE-2024-12651 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24700 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24688 was published Feb 14, 2025
Missing Authorization vulnerability in Michael Revellin-Clerc Bulk Menu Edit allows Exploiting... High Unreviewed
CVE-2025-24692 was published Feb 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company WP Coder allows Cross-Site... High Unreviewed
CVE-2025-24699 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24641 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24558 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24554 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24565 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24614 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23786 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24564 was published Feb 14, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23790 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database