GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,475
Composer 5,369
Erlang 44
GitHub Actions 45
Go 3,248
Maven 6,316
npm 5,215
NuGet 867
pip 4,513
Pub 12
RubyGems 997
Rust 1,189
Swift 51

Unreviewed advisories

All unreviewed 293,990

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed

CVE-2021-1349 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed

CVE-2021-34712 was published May 24, 2022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to... Moderate Unreviewed

CVE-2024-31882 was published Aug 14, 2024

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1,... Moderate Unreviewed

CVE-2024-35136 was published Aug 14, 2024

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed

CVE-2021-1481 was published Nov 15, 2024

IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a... Moderate Unreviewed

CVE-2025-33114 was published Jul 29, 2025

NVIDIA Delegated Licensing Service for all appliance platforms contains a SQL injection... Moderate Unreviewed

CVE-2025-23292 was published Sep 30, 2025

IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows (includes Db2 Connect Server) could... Moderate Unreviewed

CVE-2025-36185 was published Nov 7, 2025

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment... Moderate Unreviewed

CVE-2025-42884 was published Nov 11, 2025

Apache Camel camel-neo4j component is vulnerable to cypher injection Moderate

CVE-2025-66169 was published for org.apache.camel:camel-neo4j (Maven) Jan 14, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed

CVE-2025-36366 was published Jan 31, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed

CVE-2025-36353 was published Jan 31, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed

CVE-2025-36442 was published Jan 31, 2026

Sylius has a DQL Injection via API Order Filters Moderate

CVE-2026-31825 was published for sylius/sylius (Composer) Mar 11, 2026

Credited to Neosprings and bnBart

bnBart

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically... Moderate Unreviewed

CVE-2026-3023 was published Mar 16, 2026

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15 advisories