GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,457 advisories
A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1...
Critical · Unreviewed · CVE-2024-54756 was published Feb 21, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2024-33551 was published Apr 29, 2024

Deserialization of Untrusted Data vulnerability in 8theme XStore Core. This issue affects XStore...
Critical · Unreviewed · CVE-2024-33553 was published Apr 29, 2024

External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti...
Critical · Unreviewed · CVE-2024-38657 was published Feb 21, 2025

Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via...
Critical · Unreviewed · CVE-2025-25674 was published Feb 21, 2025

Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter...
Critical · Unreviewed · CVE-2025-25668 was published Feb 21, 2025

Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter...
Critical · Unreviewed · CVE-2025-25664 was published Feb 21, 2025

Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter...
Critical · Unreviewed · CVE-2025-25678 was published Feb 21, 2025

SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to...
Critical · Unreviewed · CVE-2024-57401 was published Feb 20, 2025

Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the...
Critical · Unreviewed · CVE-2025-25667 was published Feb 21, 2025

Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in...
Critical · Unreviewed · CVE-2025-25676 was published Feb 21, 2025

A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of...
Critical · Unreviewed · CVE-2025-25663 was published Feb 21, 2025

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerability located in the formexeCommand...
Critical · Unreviewed · CVE-2025-25675 was published Feb 21, 2025

Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter...
Critical · Unreviewed · CVE-2025-25662 was published Feb 21, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6...
Critical · Unreviewed · CVE-2024-13159 was published Jan 14, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical · Unreviewed · CVE-2025-1023 was published Feb 18, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6...
Critical · Unreviewed · CVE-2024-13161 was published Jan 14, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6...
Critical · Unreviewed · CVE-2024-13160 was published Jan 14, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6...
Critical · Unreviewed · CVE-2024-10811 was published Jan 14, 2025

Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.
Critical · Unreviewed · CVE-2022-41155 was published Nov 19, 2022

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection...
Critical · Unreviewed · CVE-2022-28495 was published Mar 24, 2023

An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an...
Critical · Unreviewed · CVE-2025-1265 was published Feb 20, 2025

Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Critical · Unreviewed · CVE-2022-41652 was published Nov 18, 2022

Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access...
Critical · Unreviewed · CVE-2020-35546 was published Feb 19, 2025

Extreme Networks IQ Engine before 10.6r1a, and through 10.6r4 before 10.6r5, has a buffer...
Critical · Unreviewed · CVE-2023-46271 was published Feb 19, 2025
ProTip! Advisories are also available from the GraphQL API.