Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,688
Erlang
34
GitHub Actions
26
Go
2,274
Maven
5,000+
npm
3,930
NuGet
706
pip
3,696
Pub
12
RubyGems
919
Rust
955
Swift
38
Unreviewed advisories
All unreviewed
5,000+

25,530 advisories

Loading
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46190 was published May 9, 2025
Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management... Critical Unreviewed
CVE-2025-46191 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46192 was published May 9, 2025
Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed
CVE-2025-29509 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46188 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46189 was published May 9, 2025
Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH... Critical Unreviewed
CVE-2025-28202 was published May 9, 2025
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Critical Unreviewed
CVE-2025-28203 was published May 9, 2025
Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. Critical Unreviewed
CVE-2025-45513 was published May 9, 2025
Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that... Critical Unreviewed
CVE-2025-1087 was published May 9, 2025
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege... Critical Unreviewed
CVE-2025-3605 was published May 9, 2025
The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-4403 was published May 9, 2025
The IMITHEMES Listing plugin is vulnerable to privilege escalation via account takeover in all... Critical Unreviewed
CVE-2025-2253 was published May 9, 2025
The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-11617 was published May 9, 2025
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... Critical Unreviewed
CVE-2025-3463 was published May 9, 2025
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed
CVE-2025-3711 was published May 9, 2025
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed
CVE-2025-3714 was published May 9, 2025
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed
CVE-2025-3710 was published May 9, 2025
The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed
CVE-2025-3811 was published May 9, 2025
The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed
CVE-2025-3810 was published May 9, 2025
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-29827 was published May 9, 2025
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing... Critical Unreviewed
CVE-2025-29972 was published May 9, 2025
Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to... Critical Unreviewed
CVE-2025-47733 was published May 9, 2025
An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job... Critical Unreviewed
CVE-2025-29813 was published May 9, 2025
The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could... Critical Unreviewed
CVE-2025-27720 was published May 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database