GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,383
Erlang: 33
GitHub Actions: 22
Go: 2,141
Maven: 5,000+
npm: 3,803
NuGet: 687
pip: 3,479
Pub: 12
RubyGems: 897
Rust: 898
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,473 advisories
A time-based blind SQL Injection vulnerability exists in the ChurchCRM 5.13.0 and prior...
Critical
Unreviewed
CVE-2025-1132 was published Feb 19, 2025
Insecure AES key in Yealink Configuration Encrypt Tool below version 1.2. A single, vendor-wide,...
Critical
Unreviewed
CVE-2024-24681 was published Feb 24, 2024
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate...
Critical
Unreviewed
CVE-2023-27100 was published Mar 23, 2023
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical
Unreviewed
CVE-2025-1134 was published Feb 19, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical
Unreviewed
CVE-2025-1133 was published Feb 19, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute...
Critical
Unreviewed
CVE-2025-1135 was published Feb 19, 2025
Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2...
Critical
Unreviewed
CVE-2023-28611 was published Mar 23, 2023
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before...
Critical
Unreviewed
CVE-2022-25899 was published Aug 19, 2022
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory...
Critical
Unreviewed
CVE-2024-2615 was published Mar 19, 2024
SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute...
Critical
Unreviewed
CVE-2025-22974 was published Feb 25, 2025
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL...
Critical
Unreviewed
CVE-2024-53544 was published Feb 25, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Tourfic. This issue affects...
Critical
Unreviewed
CVE-2024-29135 was published Mar 19, 2024
In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an...
Critical
Unreviewed
CVE-2024-56525 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-26943 was published Feb 25, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino...
Critical
Unreviewed
CVE-2025-26966 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-26974 was published Feb 25, 2025
Deserialization of Untrusted Data vulnerability in flexmls Flexmls® IDX allows Object Injection....
Critical
Unreviewed
CVE-2025-26900 was published Feb 25, 2025
The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress...
Critical
Unreviewed
CVE-2025-1128 was published Feb 25, 2025
The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation...
Critical
Unreviewed
CVE-2022-48348 was published Mar 28, 2023
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2022-48349 was published Mar 28, 2023
In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE)...
Critical
Unreviewed
CVE-2025-27364 was published Feb 24, 2025
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10...
Critical
Unreviewed
CVE-2017-3066 was published May 13, 2022
Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote...
Critical
Unreviewed
CVE-2025-26201 was published Feb 24, 2025
XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2024-54820 was published Feb 24, 2025
The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through...
Critical
Unreviewed
CVE-2025-26793 was published Feb 15, 2025
ProTip! Advisories are also available from the GraphQL API