GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,714
Erlang: 34
GitHub Actions: 28
Go: 2,301
Maven: 5,000+
npm: 3,942
NuGet: 711
pip: 3,711
Pub: 12
RubyGems: 920
Rust: 960
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
130,801 advisories
Missing Authorization vulnerability in UX Design Experts Experto CTA Widget – Call To...
Moderate | Unreviewed | CVE-2025-47529 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-46527 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-46518 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-47513 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-46486 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-46493 was published May 23, 2025

The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf...
Moderate | Unreviewed | CVE-2025-41378 was published May 23, 2025

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This...
Moderate | Unreviewed | CVE-2025-41380 was published May 23, 2025

The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an...
Moderate | Unreviewed | CVE-2025-41379 was published May 23, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 17.10.7, 17...
Moderate | Unreviewed | CVE-2024-7803 was published May 23, 2025

A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by...
Moderate | Unreviewed | CVE-2025-5105 was published May 23, 2025

A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects...
Moderate | Unreviewed | CVE-2025-5106 was published May 23, 2025

DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS)....
Moderate | Unreviewed | CVE-2025-4379 was published May 23, 2025

Text editor embedded into MegaBIP software does not neutralize user input allowing Stored XSS...
Moderate | Unreviewed | CVE-2025-3894 was published May 23, 2025

The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-5096 was published May 23, 2025

The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern...
Moderate | Unreviewed | CVE-2025-47149 was published May 23, 2025

An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a...
Moderate | Unreviewed | CVE-2025-48695 was published May 23, 2025

openDCIM through 23.04 allows SQL injection in people_depts.php because prepared statements are...
Moderate | Unreviewed | CVE-2025-48701 was published May 23, 2025

The Tournamatch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2025-4594 was published May 23, 2025

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access...
Moderate | Unreviewed | CVE-2025-2394 was published May 23, 2025

Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration...
Moderate | Unreviewed | CVE-2025-4338 was published May 23, 2025

Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform...
Moderate | Unreviewed | CVE-2025-4692 was published May 23, 2025

When a notification relating to low battery appears for a user with whom the device has been...
Moderate | Unreviewed | CVE-2025-4975 was published May 23, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoint of...
Moderate | Unreviewed | CVE-2024-5962 was published May 22, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the sub-organization login flow of...
Moderate | Unreviewed | CVE-2024-7103 was published May 22, 2025

ProTip! Advisories are also available from the GraphQL API.