GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,615
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,036
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,956 advisories

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0...
High | Unreviewed | CVE-2014-5399 was published May 17, 2022

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services,...
High | Unreviewed | CVE-2014-2350 was published May 17, 2022

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak...
High | Unreviewed | CVE-2014-2380 was published May 17, 2022

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid...
High | Unreviewed | CVE-2025-63465 was published Oct 31, 2025

Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in...
High | Unreviewed | CVE-2025-57106 was published Oct 31, 2025

Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability...
High | Unreviewed | CVE-2025-57107 was published Oct 31, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-64366 was published Oct 31, 2025

Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors...
High | Unreviewed | CVE-2025-41109 was published Oct 22, 2025

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error...
High | Unreviewed | CVE-2025-22087 was published Apr 16, 2025

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth...
High | Unreviewed | CVE-2025-22079 was published Apr 16, 2025

In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use...
High | Unreviewed | CVE-2025-37796 was published May 1, 2025

In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table...
High | Unreviewed | CVE-2025-37786 was published May 1, 2025

Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a...
High | Unreviewed | CVE-2025-63561 was published Oct 31, 2025

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will...
High | Unreviewed | CVE-2025-10693 was published Oct 31, 2025

ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target...
High | Unreviewed | CVE-2025-64349 was published Oct 31, 2025

ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in...
High | Unreviewed | CVE-2025-62618 was published Oct 31, 2025

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid...
High | Unreviewed | CVE-2025-63469 was published Oct 31, 2025

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the...
High | Unreviewed | CVE-2025-63468 was published Oct 31, 2025

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid...
High | Unreviewed | CVE-2025-63464 was published Oct 31, 2025

Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object...
High | Unreviewed | CVE-2025-64353 was published Oct 31, 2025

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of...
High | Unreviewed | CVE-2025-22083 was published Apr 16, 2025

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS)...
High | Unreviewed | CVE-2024-55545 was published Dec 10, 2024

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ...
High | Unreviewed | CVE-2024-55546 was published Dec 10, 2024

In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to...
High | Unreviewed | CVE-2025-21896 was published Apr 1, 2025

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ...
High | Unreviewed | CVE-2024-55544 was published Dec 10, 2024

ProTip! Advisories are also available from the GraphQL API