Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

30,740 advisories

Loading
The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme)... Critical Unreviewed
CVE-2024-53932 was published Jan 7, 2025
An issue was identified in Fleet Server where Fleet policies that could contain sensitive... Critical Unreviewed
CVE-2024-52975 was published Jan 23, 2025
Inadequate Encryption Strength Critical
CVE-2017-1000486 was published for org.primefaces:primefaces (Maven) Jun 3, 2021
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... Critical Unreviewed
CVE-2025-21535 was published Jan 21, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the ssid parameter in the... Critical Unreviewed
CVE-2024-57575 was published Jan 16, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-57583 was published Jan 16, 2025
Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility... Critical Unreviewed
CVE-2024-24101 was published Mar 13, 2024
Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows... Critical Unreviewed
CVE-2025-23914 was published Jan 22, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated... Critical Unreviewed
CVE-2025-20156 was published Jan 22, 2025
Missing Authorization to enable or disable users in org.xwiki.platform:xwiki-platform-user-profile-ui Critical
CVE-2022-41930 was published for org.xwiki.platform:xwiki-platform-user-profile-ui (Maven) Nov 21, 2022
anonymous-nlp-student Credited to anonymous-nlp-student
In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due... Critical Unreviewed
CVE-2024-49748 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files... Critical Unreviewed
CVE-2025-23953 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows... Critical Unreviewed
CVE-2025-23942 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection.... Critical Unreviewed
CVE-2025-23932 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser... Critical Unreviewed
CVE-2025-23918 was published Jan 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-23931 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for... Critical Unreviewed
CVE-2025-23921 was published Jan 22, 2025
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed
CVE-2024-13091 was published Jan 22, 2025
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all... Critical Unreviewed
CVE-2021-26102 was published Dec 19, 2024
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2024-27764 was published Mar 6, 2024
XWiki Platform: Remote code execution through space title and Solr space facet Critical
CVE-2024-31984 was published for org.xwiki.platform:xwiki-platform-search-solr-ui (Maven) Apr 10, 2024
WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter. Critical Unreviewed
CVE-2024-57034 was published Jan 17, 2025
WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the... Critical Unreviewed
CVE-2024-57031 was published Jan 17, 2025
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32... Critical Unreviewed
CVE-2025-22376 was published Jan 4, 2025
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter... Critical Unreviewed
CVE-2023-41014 was published Mar 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database