GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 22
Go: 2,095
Maven: 5,000+
npm: 3,760
NuGet: 678
pip: 3,446
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,227 advisories
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a...
Critical | Unreviewed | CVE-2025-24650 was published Jan 24, 2025

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR)...
Critical | Unreviewed | CVE-2024-56404 was published Jan 24, 2025

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions...
Critical | Unreviewed | CVE-2024-13545 was published Jan 24, 2025

An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9,...
Critical | Unreviewed | CVE-2024-55573 was published Jan 24, 2025

An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x...
Critical | Unreviewed | CVE-2024-53923 was published Jan 24, 2025

ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An...
Critical | Unreviewed | CVE-2024-52329 was published Jan 23, 2025

ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated...
Critical | Unreviewed | CVE-2024-52330 was published Jan 23, 2025

It has been found that the Beta10 software does not provide for proper authorisation control in...
Critical | Unreviewed | CVE-2025-0637 was published Jan 23, 2025

Pre-authentication deserialization of untrusted data vulnerability has been identified in the...
Critical | Unreviewed | CVE-2025-23006 was published Jan 23, 2025

An issue was identified in Fleet Server where Fleet policies that could contain sensitive...
Critical | Unreviewed | CVE-2024-52975 was published Jan 23, 2025

A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated...
Critical | Unreviewed | CVE-2025-20156 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows...
Critical | Unreviewed | CVE-2025-23914 was published Jan 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-23931 was published Jan 22, 2025

Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection....
Critical | Unreviewed | CVE-2025-23932 was published Jan 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for...
Critical | Unreviewed | CVE-2025-23921 was published Jan 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows...
Critical | Unreviewed | CVE-2025-23942 was published Jan 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser...
Critical | Unreviewed | CVE-2025-23918 was published Jan 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files...
Critical | Unreviewed | CVE-2025-23953 was published Jan 22, 2025

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical | Unreviewed | CVE-2024-12857 was published Jan 22, 2025

In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a...
Critical | Unreviewed | CVE-2024-49747 was published Jan 22, 2025

In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due...
Critical | Unreviewed | CVE-2024-49748 was published Jan 22, 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical | Unreviewed | CVE-2024-13091 was published Jan 22, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit...
Critical | Unreviewed | CVE-2024-24421 was published Jan 22, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-27112 was published Jan 22, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-27113 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API.