GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,651
Erlang: 34
GitHub Actions: 26
Go: 2,253
Maven: 5,000+
npm: 3,906
NuGet: 703
pip: 3,677
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,119 advisories
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication...
Critical | Unreviewed | CVE-2022-0547 was published Mar 19, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3),...
Critical | Unreviewed | CVE-2021-27391 was published May 24, 2022
In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform...
Critical | Unreviewed | CVE-2025-45428 was published Apr 23, 2025
In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform...
Critical | Unreviewed | CVE-2025-45427 was published Apr 23, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a...
Critical | Unreviewed | CVE-2025-28037 was published Apr 22, 2025
The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a...
Critical | Unreviewed | CVE-2023-49954 was published Dec 25, 2023
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
Critical | Unreviewed | CVE-2022-45550 was published Dec 7, 2022
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12,...
Critical | Unreviewed | CVE-2022-46383 was published Dec 6, 2022
In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow...
Critical | Unreviewed | CVE-2025-45429 was published Apr 23, 2025
Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full...
Critical | Unreviewed | CVE-2022-44938 was published Dec 8, 2022
Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a...
Critical | Unreviewed | CVE-2022-45025 was published Dec 7, 2022
TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28036 was published Apr 22, 2025
TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with...
Critical | Unreviewed | CVE-2025-43946 was published Apr 22, 2025
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a...
Critical | Unreviewed | CVE-2024-40446 was published Apr 22, 2025
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass...
Critical | Unreviewed | CVE-2023-44752 was published Apr 22, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu...
Critical | Unreviewed | CVE-2025-28034 was published Apr 22, 2025
egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package...
Critical | Unreviewed | CVE-2022-45145 was published Dec 10, 2022
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-45506 was published Dec 8, 2022
PC Keyboard allows remote unauthenticated users to send instructions to the server to execute...
Critical | Unreviewed | CVE-2022-45479 was published Dec 5, 2022
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4...
Critical | Unreviewed | CVE-2022-42458 was published Dec 7, 2022
The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300...
Critical | Unreviewed | CVE-2020-6627 was published Dec 6, 2022
A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an...
Critical | Unreviewed | CVE-2025-37087 was published Apr 22, 2025
LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve...
Critical | Unreviewed | CVE-2025-43951 was published Apr 22, 2025
MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection...
Critical | Unreviewed | CVE-2025-43949 was published Apr 22, 2025
TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28035 was published Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API.