GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,317 advisories
Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass...
Critical | Unreviewed | CVE-2026-32841 was published Mar 18, 2026
Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product...
Critical | Unreviewed | CVE-2026-21994 was published Mar 18, 2026
The /root/anaconda-ks.cfg installation configuration file in International Datacasting...
Critical | Unreviewed | CVE-2026-29120 was published Mar 4, 2026
JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess...
Critical | Unreviewed | CVE-2026-32295 was published Mar 17, 2026
The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including...
Critical | Unreviewed | CVE-2026-32297 was published Mar 17, 2026
The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force...
Critical | Unreviewed | CVE-2026-32292 was published Mar 17, 2026
International Datacasting Corporation (IDC) SFX2100 Satellite Receiver, trivial password for...
Critical | Unreviewed | CVE-2026-28777 was published Mar 4, 2026
YAML::Syck versions through 1.36 for Perl have several potential security vulnerabilities...
Critical | Unreviewed | CVE-2026-4177 was published Mar 17, 2026
A condition in ScreenConnect may allow an actor with access to server-level cryptographic...
Critical | Unreviewed | CVE-2026-3564 was published Mar 17, 2026
A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2...
Critical | Unreviewed | CVE-2025-69902 was published Mar 16, 2026
GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulnerability,...
Critical | Unreviewed | CVE-2026-4312 was published Mar 17, 2026
Miro Desktop 0.8.18 on macOS allows Electron code injection.
Critical | Unreviewed | CVE-2024-23746 was published Feb 2, 2024
The inclusion of the web scraper for AnythingLLM means that any user with the proper...
Critical | Unreviewed | CVE-2024-0455 was published Feb 26, 2024
Attacker, with permission to submit a link or submits a link via POST to be collected that is...
Critical | Unreviewed | CVE-2024-0440 was published Feb 26, 2024
A memory corruption vulnerability has been identified in PostScript interpreter in various...
Critical | Unreviewed | CVE-2023-50736 was published Feb 28, 2024
The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in...
Critical | Unreviewed | CVE-2023-50737 was published Feb 28, 2024
A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark...
Critical | Unreviewed | CVE-2023-50734 was published Feb 28, 2024
Should an instance of AnythingLLM be hosted on an internal network and the attacker be explicitly...
Critical | Unreviewed | CVE-2024-0759 was published Feb 27, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com...
Critical | Unreviewed | CVE-2024-24004 was published Feb 7, 2024
An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated...
Critical | Unreviewed | CVE-2025-69808 was published Mar 16, 2026
A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to...
Critical | Unreviewed | CVE-2025-69809 was published Mar 16, 2026
Boolean-Based SQL Injection is a type of blind SQL injection where an attacker manipulates SQL...
Critical | Unreviewed | CVE-2025-62319 was published Mar 16, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in Yannick Lefebvre Modal...
Critical | Unreviewed | CVE-2026-32367 was published Mar 13, 2026
claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability. This...
Critical | Unreviewed | CVE-2025-15060 was published Mar 16, 2026
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability...
Critical | Unreviewed | CVE-2017-20224 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.