GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,494
Composer 4,688
Erlang 34
GitHub Actions 26
Go 2,274
Maven 5,548
npm 3,930
NuGet 706
pip 3,696
Pub 12
RubyGems 919
Rust 955
Swift 38

Unreviewed advisories

All unreviewed 255,035

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,243 advisories

Filter by severity

Sort by

Least recently updated

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed

CVE-2025-46190 was published May 9, 2025

Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management... Critical Unreviewed

CVE-2025-46191 was published May 9, 2025

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed

CVE-2025-46192 was published May 9, 2025

Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed

CVE-2025-29509 was published May 9, 2025

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed

CVE-2025-46188 was published May 9, 2025

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed

CVE-2025-46189 was published May 9, 2025

Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH... Critical Unreviewed

CVE-2025-28202 was published May 9, 2025

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Critical Unreviewed

CVE-2025-28203 was published May 9, 2025

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. Critical Unreviewed

CVE-2025-45513 was published May 9, 2025

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that... Critical Unreviewed

CVE-2025-1087 was published May 9, 2025

The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-4403 was published May 9, 2025

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2025-3605 was published May 9, 2025

The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2024-11617 was published May 9, 2025

The IMITHEMES Listing plugin is vulnerable to privilege escalation via account takeover in all... Critical Unreviewed

CVE-2025-2253 was published May 9, 2025

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... Critical Unreviewed

CVE-2025-3463 was published May 9, 2025

The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed

CVE-2025-3711 was published May 9, 2025

The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed

CVE-2025-3714 was published May 9, 2025

The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing... Critical Unreviewed

CVE-2025-3710 was published May 9, 2025

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed

CVE-2025-3811 was published May 9, 2025

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed

CVE-2025-3810 was published May 9, 2025

Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to... Critical Unreviewed

CVE-2025-47733 was published May 9, 2025

Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing... Critical Unreviewed

CVE-2025-29972 was published May 9, 2025

Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges... Critical Unreviewed

CVE-2025-29827 was published May 9, 2025

An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job... Critical Unreviewed

CVE-2025-29813 was published May 9, 2025

The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could... Critical Unreviewed

CVE-2025-27720 was published May 9, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,243 advisories