GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,919
Composer 4,476
Erlang 33
GitHub Actions 24
Go 2,207
Maven 5,433
npm 3,858
NuGet 696
pip 3,639
Pub 12
RubyGems 913
Rust 918
Swift 38

Unreviewed advisories

All unreviewed 249,598

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,000 advisories

Filter by severity

Sort by

Least recently updated

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 /... Moderate Unreviewed

CVE-2024-56469 was published Mar 27, 2025

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... Moderate Unreviewed

CVE-2024-45355 was published Mar 27, 2025

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... High Unreviewed

CVE-2024-45356 was published Mar 27, 2025

A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R... High Unreviewed

CVE-2024-45483 was published Mar 25, 2025

HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information... Moderate Unreviewed

CVE-2025-0256 was published Mar 24, 2025

In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server... Critical Unreviewed

CVE-2024-8196 was published Mar 20, 2025

Missing authentication for critical function vulnerability in the webapi component in Synology... High Unreviewed

CVE-2024-50630 was published Mar 19, 2025

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam... High Unreviewed

CVE-2025-30111 was published Mar 18, 2025

An unauthenticated remote attacker can gain access to the cloud API due to a lack of... Critical Unreviewed

CVE-2024-23943 was published Mar 18, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-13772 was published Mar 14, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Critical Unreviewed

CVE-2024-13771 was published Mar 14, 2025

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8),... Moderate Unreviewed

CVE-2024-52285 was published Mar 11, 2025

SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular... Moderate Unreviewed

CVE-2025-23194 was published Mar 11, 2025

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup... High Unreviewed

CVE-2025-27256 was published Mar 10, 2025

The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2024-9658 was published Mar 7, 2025

The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in... Critical Unreviewed

CVE-2025-1315 was published Mar 7, 2025

Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular... High Unreviewed

CVE-2024-31525 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27642 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed

CVE-2025-27647 was published Mar 5, 2025

Certain functionality within GMOD Apollo does not require authentication when passed with an... Critical Unreviewed

CVE-2025-24924 was published Mar 5, 2025

The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2025-1717 was published Feb 27, 2025

Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to... High Unreviewed

CVE-2025-21355 was published Feb 20, 2025

Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow... Moderate Unreviewed

CVE-2024-57055 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed

CVE-2025-25224 was published Feb 18, 2025

An issue in the Arcadyan Livebox Fibra PRV3399B_B_LT allows a remote or local attacker to modify... Moderate Unreviewed

CVE-2024-57725 was published Feb 14, 2025

Previous 1 2 3 4 5 … 39 40 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,000 advisories