GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,803
Erlang: 36
GitHub Actions: 29
Go: 2,387
Maven: 5,000+
npm: 4,017
NuGet: 720
pip: 3,811
Pub: 12
RubyGems: 930
Rust: 988
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22,908 advisories
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an...
Critical | Unreviewed | CVE-2025-53770 was published Jul 20, 2025

The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2015-10138 was published Jul 19, 2025

The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2016-15043 was published Jul 19, 2025

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2015-10135 was published Jul 19, 2025

The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Critical | Unreviewed | CVE-2012-10019 was published Jul 19, 2025

An incorrect authorisation check in the 'plant transfer' function of the Growatt cloud...
Critical | Unreviewed | CVE-2025-29757 was published Jul 19, 2025

The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for...
Critical | Unreviewed | CVE-2025-7697 was published Jul 19, 2025

The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for...
Critical | Unreviewed | CVE-2025-7696 was published Jul 19, 2025

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a...
Critical | Unreviewed | CVE-2025-32463 was published Jun 30, 2025

CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used,...
Critical | Unreviewed | CVE-2025-54309 was published Jul 18, 2025

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in Internat.c via the...
Critical | Unreviewed | CVE-2025-25567 was published Mar 12, 2025

SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the...
Critical | Unreviewed | CVE-2025-25568 was published Mar 12, 2025

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert...
Critical | Unreviewed | CVE-2025-25565 was published Mar 12, 2025

A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and...
Critical | Unreviewed | CVE-2025-7395 was published Jul 19, 2025

Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in...
Critical | Unreviewed | CVE-2025-52046 was published Jul 17, 2025

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker...
Critical | Unreviewed | CVE-2025-47158 was published Jul 18, 2025

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate...
Critical | Unreviewed | CVE-2025-49747 was published Jul 18, 2025

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate...
Critical | Unreviewed | CVE-2025-49746 was published Jul 18, 2025

nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds...
Critical | Unreviewed | CVE-2025-50240 was published Jul 17, 2025

Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). ...
Critical | Unreviewed | CVE-2025-50067 was published Jul 15, 2025

The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up...
Critical | Unreviewed | CVE-2025-7444 was published Jul 18, 2025

The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to...
Critical | Unreviewed | CVE-2025-7643 was published Jul 18, 2025

The WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User...
Critical | Unreviewed | CVE-2025-6222 was published Jul 18, 2025

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to...
Critical | Unreviewed | CVE-2025-23266 was published Jul 17, 2025

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying...
Critical | Unreviewed | CVE-2025-53964 was published Jul 17, 2025

ProTip! Advisories are also available from the GraphQL API.