GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
125,465 advisories
A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to...
High | Unreviewed | CVE-2025-65888 was published Jan 28, 2026

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution...
High | Unreviewed | CVE-2015-10145 was published Dec 31, 2025

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege...
High | Unreviewed | CVE-2025-13905 was published Jan 29, 2026

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password...
High | Unreviewed | CVE-2025-14975 was published Jan 29, 2026

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service ...
High | Unreviewed | CVE-2025-65886 was published Jan 28, 2026

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0...
High | Unreviewed | CVE-2025-10214 was published Sep 10, 2025

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a...
High | Unreviewed | CVE-2025-58188 was published Oct 30, 2025

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and...
High | Unreviewed | CVE-2020-37013 was published Jan 29, 2026

Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows...
High | Unreviewed | CVE-2020-37004 was published Jan 29, 2026

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to...
High | Unreviewed | CVE-2020-37008 was published Jan 29, 2026

CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to...
High | Unreviewed | CVE-2020-37017 was published Jan 29, 2026

TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that...
High | Unreviewed | CVE-2020-37005 was published Jan 29, 2026

berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows...
High | Unreviewed | CVE-2020-37006 was published Jan 29, 2026

BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords...
High | Unreviewed | CVE-2020-37010 was published Jan 29, 2026

Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that...
High | Unreviewed | CVE-2020-37015 was published Jan 29, 2026

BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to...
High | Unreviewed | CVE-2020-37016 was published Jan 29, 2026

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to...
High | Unreviewed | CVE-2020-37020 was published Jan 29, 2026

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to...
High | Unreviewed | CVE-2020-37011 was published Jan 29, 2026

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple...
High | Unreviewed | CVE-2020-37021 was published Jan 29, 2026

Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to...
High | Unreviewed | CVE-2020-37002 was published Jan 29, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-7714 was published Jan 29, 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2025-7713 was published Jan 29, 2026

Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access...
High | Unreviewed | CVE-2020-36999 was published Jan 29, 2026

MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that...
High | Unreviewed | CVE-2020-37009 was published Jan 29, 2026

The $uri$args concatenation in nginx configuration file present in Open Security Issue Management...
High | Unreviewed | CVE-2026-1616 was published Jan 29, 2026
ProTip! Advisories are also available from the GraphQL API.