GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,217
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,443
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18 advisories
Filter by severity
The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.
Moderate
Unreviewed
CVE-2026-12058
was published
Jun 12, 2026
A vulnerability in the browser-based remote management interface may allow an administrator to...
Moderate
Unreviewed
CVE-2026-1789
was published
Apr 24, 2026
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized...
Moderate
Unreviewed
CVE-2026-0390
was published
Apr 14, 2026
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local...
Moderate
Unreviewed
CVE-2019-25711
was published
Apr 12, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA...
Moderate
Unreviewed
CVE-2026-29134
was published
Apr 2, 2026
OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode...
Moderate
Unreviewed
CVE-2026-32975
was published
Mar 29, 2026
Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash...
Moderate
Unreviewed
CVE-2019-25621
was published
Mar 24, 2026
ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to...
Moderate
Unreviewed
CVE-2019-25594
was published
Mar 22, 2026
Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the...
Moderate
Unreviewed
CVE-2019-25544
was published
Mar 21, 2026
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF)...
Moderate
Unreviewed
CVE-2025-65328
was published
Jan 5, 2026
The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all...
Moderate
Unreviewed
CVE-2025-11271
was published
Nov 6, 2025
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals...
Moderate
Unreviewed
CVE-2024-9310
was published
Jan 22, 2025
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to...
Moderate
Unreviewed
CVE-2024-45654
was published
Jan 19, 2025
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient
Verification of Data...
Moderate
Unreviewed
CVE-2024-47254
was published
Nov 5, 2024
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to...
Moderate
Unreviewed
CVE-2023-46686
was published
Dec 19, 2023
A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS...
Moderate
Unreviewed
CVE-2022-24400
was published
Oct 19, 2023
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to...
Moderate
Unreviewed
CVE-2017-0887
was published
May 13, 2022
A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC)...
Moderate
Unreviewed
CVE-2022-20744
was published
May 4, 2022
ProTip!
Advisories are also available from the
GraphQL API