GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
140,437 advisories
Windows 2000 allows local users to prevent the application of new group policy settings by...
Moderate | Unreviewed | CVE-2002-0051 was published Apr 30, 2022

PostgreSQL uses the username for a salt when generating passwords, which makes it easier for...
Moderate | Unreviewed | CVE-2002-1657 was published Apr 30, 2022

Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users...
Moderate | Unreviewed | CVE-2001-1546 was published Apr 30, 2022

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not...
Moderate | Unreviewed | CVE-2002-1796 was published Apr 30, 2022

Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce. This issue affects...
Moderate | Unreviewed | CVE-2023-51692 was published Feb 28, 2024

Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and...
Moderate | Unreviewed | CVE-2024-23941 was published Feb 1, 2024

An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by...
Moderate | Unreviewed | CVE-2024-21728 was published Feb 15, 2024

Server-Side Request Forgery vulnerability in Haivision's Aviwest Manager and Aviwest Steamhub....
Moderate | Unreviewed | CVE-2024-1965 was published Feb 28, 2024

In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and...
Moderate | Unreviewed | CVE-2023-52556 was published Mar 1, 2024

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-0963 was published Feb 2, 2024

The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2023-6807 was published Feb 6, 2024

An incorrect authorization vulnerability has been reported to affect several QNAP operating...
Moderate | Unreviewed | CVE-2023-32967 was published Feb 2, 2024

In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Moderate | Unreviewed | CVE-2024-24942 was published Feb 6, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
Moderate | Unreviewed | CVE-2023-50303 was published Feb 28, 2024

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7...
Moderate | Unreviewed | CVE-2026-4289 was published Mar 17, 2026

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The...
Moderate | Unreviewed | CVE-2026-4287 was published Mar 17, 2026

A vulnerability was identified in taoofagi easegen-admin up to...
Moderate | Unreviewed | CVE-2026-4285 was published Mar 17, 2026

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The...
Moderate | Unreviewed | CVE-2026-4288 was published Mar 17, 2026

A vulnerability was determined in taoofagi easegen-admin up to...
Moderate | Unreviewed | CVE-2026-4284 was published Mar 17, 2026

When an Expat parser with a registered ElementDeclHandler parses an inline document type...
Moderate | Unreviewed | CVE-2026-4224 was published Mar 16, 2026

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from...
Moderate | Unreviewed | CVE-2025-61662 was published Nov 18, 2025

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.
Moderate | Unreviewed | CVE-2026-21991 was published Mar 17, 2026

Cross Site scripting vulnerability (XSS) in NetBox 4.3.5 "comment" field on object forms. An...
Moderate | Unreviewed | CVE-2025-57543 was published Mar 16, 2026

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was...
Moderate | Unreviewed | CVE-2026-3644 was published Mar 16, 2026

Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. Attacker can...
Moderate | Unreviewed | CVE-2025-69238 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.