GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,651
Erlang: 34
GitHub Actions: 26
Go: 2,253
Maven: 5,000+
npm: 3,906
NuGet: 703
pip: 3,677
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118,881 advisories
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site...
Moderate | Unreviewed | CVE-2025-3907 was published Apr 23, 2025

BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure...
Moderate | Unreviewed | CVE-2025-2772 was published Apr 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-3901 was published Apr 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-3900 was published Apr 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-3902 was published Apr 23, 2025

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution...
Moderate | Unreviewed | CVE-2025-2763 was published Apr 23, 2025

BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability...
Moderate | Unreviewed | CVE-2025-2770 was published Apr 23, 2025

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows...
Moderate | Unreviewed | CVE-2025-2771 was published Apr 23, 2025

A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations...
Moderate | Unreviewed | CVE-2025-29526 was published Apr 23, 2025

A directory traversal vulnerability exists in Ivanti LANDesk Management Gateway through 4.2-1.9....
Moderate | Unreviewed | CVE-2025-43716 was published Apr 23, 2025

A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive...
Moderate | Unreviewed | CVE-2024-10306 was published Apr 23, 2025

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API...
Moderate | Unreviewed | CVE-2025-42604 was published Apr 23, 2025

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-1054 was published Apr 23, 2025

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor...
Moderate | Unreviewed | CVE-2025-2703 was published Apr 23, 2025

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and...
Moderate | Unreviewed | CVE-2025-2595 was published Apr 23, 2025

A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR...
Moderate | Unreviewed | CVE-2025-0618 was published Apr 23, 2025

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible...
Moderate | Unreviewed | CVE-2025-0926 was published Apr 23, 2025

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a...
Moderate | Unreviewed | CVE-2025-1056 was published Apr 23, 2025

A vulnerability in the kernel of the Cray Operating System (COS) could allow an attacker to...
Moderate | Unreviewed | CVE-2025-27087 was published Apr 23, 2025

A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg...
Moderate | Unreviewed | CVE-2024-53569 was published Apr 22, 2025

SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to...
Moderate | Unreviewed | CVE-2025-31328 was published Apr 22, 2025

SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data...
Moderate | Unreviewed | CVE-2025-31327 was published Apr 22, 2025

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.
Moderate | Unreviewed | CVE-2025-29743 was published Apr 22, 2025

A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal...
Moderate | Unreviewed | CVE-2024-53568 was published Apr 22, 2025

A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net...
Moderate | Unreviewed | CVE-2025-43952 was published Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API.