GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
208 advisories
An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack...
High | Unreviewed | CVE-2024-56089 was published Dec 1, 2025

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A...
High | Unreviewed | CVE-2025-59371 was published Nov 25, 2025

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public...
High | Unreviewed | CVE-2025-13470 was published Nov 21, 2025

The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2025-12787 was published Nov 11, 2025

The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is not...
Moderate | Unreviewed | CVE-2025-6515 was published Oct 20, 2025

The Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2025-10745 was published Sep 26, 2025

A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0....
Moderate | Unreviewed | CVE-2025-6931 was published Jul 1, 2025

The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be...
Low | Unreviewed | CVE-2025-49198 was published Jun 12, 2025

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation...
Critical | Unreviewed | CVE-2025-4607 was published May 31, 2025

SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt...
Moderate | Unreviewed | CVE-2024-50684 was published Feb 26, 2025

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields,...
Moderate | Unreviewed | CVE-2024-10604 was published Jan 30, 2025

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then...
Moderate | Unreviewed | CVE-2025-0218 was published Jan 7, 2025

The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover...
High | Unreviewed | CVE-2024-12432 was published Dec 18, 2024

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature...
Moderate | Unreviewed | CVE-2024-20331 was published Oct 23, 2024

An issue was discovered in AdaCore ada_web_services 20.0 allows an attacker to escalate...
High | Unreviewed | CVE-2024-41708 was published Sep 25, 2024

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection...
Moderate | Unreviewed | CVE-2024-6348 was published Aug 19, 2024

A vulnerability, which was classified as problematic, was found in projectsend up to r1605....
Moderate | Unreviewed | CVE-2024-7659 was published Aug 12, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
Moderate | Unreviewed | CVE-2024-42164 was published Aug 12, 2024

Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow...
Moderate | Unreviewed | CVE-2024-42165 was published Aug 12, 2024

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in...
High | Unreviewed | CVE-2024-21460 was published Jul 1, 2024

iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th...
High | Unreviewed | CVE-2024-25943 was published Jun 29, 2024

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High | Unreviewed | CVE-2024-35292 was published Jun 11, 2024

The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up...
Moderate | Unreviewed | CVE-2024-5149 was published Jun 5, 2024

MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication...
Critical | Unreviewed | CVE-2024-36389 was published Jun 2, 2024

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive...
Moderate | Unreviewed | CVE-2023-6799 was published Apr 9, 2024

ProTip! Advisories are also available from the GraphQL API.