GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,333
Composer 4,651
Erlang 34
GitHub Actions 26
Go 2,253
Maven 5,510
npm 3,905
NuGet 702
pip 3,676
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,011

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,115 advisories

Filter by severity

Sort by

Least recently updated

TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution... Critical Unreviewed

CVE-2025-28036 was published Apr 22, 2025

TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed

CVE-2025-43946 was published Apr 22, 2025

An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-40446 was published Apr 22, 2025

An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass... Critical Unreviewed

CVE-2023-44752 was published Apr 22, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu... Critical Unreviewed

CVE-2025-28034 was published Apr 22, 2025

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package... Critical Unreviewed

CVE-2022-45145 was published Dec 10, 2022

Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-45506 was published Dec 8, 2022

PC Keyboard allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed

CVE-2022-45479 was published Dec 5, 2022

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4... Critical Unreviewed

CVE-2022-42458 was published Dec 7, 2022

The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300... Critical Unreviewed

CVE-2020-6627 was published Dec 6, 2022

A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an... Critical Unreviewed

CVE-2025-37087 was published Apr 22, 2025

LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve... Critical Unreviewed

CVE-2025-43951 was published Apr 22, 2025

MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection... Critical Unreviewed

CVE-2025-43949 was published Apr 22, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution... Critical Unreviewed

CVE-2025-28035 was published Apr 22, 2025

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php... Critical Unreviewed

CVE-2023-43958 was published Apr 22, 2025

Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-44755 was published Apr 22, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in... Critical Unreviewed

CVE-2025-28024 was published Apr 22, 2025

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to... Critical Unreviewed

CVE-2024-37858 was published Jul 29, 2024

Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the... Critical Unreviewed

CVE-2022-45497 was published Dec 8, 2022

This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on... Critical Unreviewed

CVE-2025-42605 was published Apr 23, 2025

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution... Critical Unreviewed

CVE-2025-28039 was published Apr 22, 2025

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution... Critical Unreviewed

CVE-2025-28038 was published Apr 22, 2025

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over... Critical Unreviewed

CVE-2025-3115 was published Apr 9, 2025

A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2... Critical Unreviewed

CVE-2022-31358 was published Dec 14, 2022

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username... Critical Unreviewed

CVE-2022-38488 was published Dec 14, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,115 advisories