GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,700
Composer 5,025
Erlang 39
GitHub Actions 38
Go 2,660
Maven 6,115
npm 4,289
NuGet 760
pip 4,069
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,644

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

27,504 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows... Critical Unreviewed

CVE-2025-41346 was published Nov 18, 2025

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious... Critical Unreviewed

CVE-2025-40549 was published Nov 18, 2025

A missing validation process exists in Serv U when abused, could give a malicious actor with... Critical Unreviewed

CVE-2025-40548 was published Nov 18, 2025

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with... Critical Unreviewed

CVE-2025-40547 was published Nov 18, 2025

A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap... Critical Unreviewed

CVE-2025-32911 was published Apr 15, 2025

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates... Critical Unreviewed

CVE-2025-48581 was published Sep 4, 2025

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7... Critical Unreviewed

CVE-2025-34044 was published Jun 26, 2025

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version... Critical Unreviewed

CVE-2025-34049 was published Jun 26, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed

CVE-2025-34037 was published Jun 26, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi... Critical Unreviewed

CVE-2025-34054 was published Jul 1, 2025

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of... Critical Unreviewed

CVE-2025-34039 was published Jun 26, 2025

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware... Critical Unreviewed

CVE-2025-34042 was published Jun 26, 2025

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed

CVE-2018-4878 was published May 13, 2022

An unauthenticated file upload vulnerability exists in the Fanwei E-Office <= v9.4 web management... Critical Unreviewed

CVE-2025-34046 was published Jun 26, 2025

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via... Critical Unreviewed

CVE-2016-4117 was published May 14, 2022

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to... Critical Unreviewed

CVE-2016-4171 was published May 13, 2022

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow... Critical Unreviewed

CVE-2018-5002 was published May 13, 2022

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in... Critical Unreviewed

CVE-2024-44659 was published Nov 17, 2025

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default... Critical Unreviewed

CVE-2025-63747 was published Nov 17, 2025

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the... Critical Unreviewed

CVE-2025-9501 was published Nov 17, 2025

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service ... Critical Unreviewed

CVE-2016-1019 was published May 14, 2022

Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core... Critical Unreviewed

CVE-2025-58627 was published Nov 6, 2025

Deserialization of Untrusted Data vulnerability in WP User Manager WP User Manager wp-user... Critical Unreviewed

CVE-2025-60245 was published Nov 6, 2025

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for... Critical Unreviewed

CVE-2025-60243 was published Nov 6, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket... Critical Unreviewed

CVE-2025-60235 was published Nov 6, 2025

Previous 12…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

27,504 advisories