Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

25,939 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4738 was published Jun 19, 2025
The Versa Director software exposes a number of services by default and allow attackers an easy... Critical Unreviewed
CVE-2025-24288 was published Jun 19, 2025
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated... Critical Unreviewed
CVE-2025-23121 was published Jun 19, 2025
The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service... Critical Unreviewed
CVE-2024-45208 was published Jun 19, 2025
An issue in CloudClassroom PHP Project v.1.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-26199 was published Jun 18, 2025
CloudClassroom-PHP-Project v.1.0 is vulnerable to SQL Injection in loginlinkadmin.php, allowing... Critical Unreviewed
CVE-2025-26198 was published Jun 18, 2025
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote... Critical Unreviewed
CVE-2025-20260 was published Jun 18, 2025
Taylored webhook validation vulnerabilities Critical
GHSA-8g98-m4j9-qww5 was published for taylored (npm) Jun 18, 2025
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-46157 was published Jun 18, 2025
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including... Critical Unreviewed
CVE-2025-45784 was published Jun 18, 2025
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By... Critical Unreviewed
CVE-2025-1562 was published Jun 18, 2025
An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this... Critical Unreviewed
CVE-2025-51381 was published Jun 18, 2025
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49216 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49213 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49212 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... Critical Unreviewed
CVE-2025-49217 was published Jun 17, 2025
Langflow Unauth RCE Critical
CVE-2025-3248 was published for langflow (pip) Jun 17, 2025
An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could... Critical Unreviewed
CVE-2025-49220 was published Jun 17, 2025
An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could... Critical Unreviewed
CVE-2025-49219 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49452 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows... Critical Unreviewed
CVE-2025-49447 was published Jun 17, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and... Critical Unreviewed
CVE-2025-49330 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor... Critical Unreviewed
CVE-2025-49444 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48274 was published Jun 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a... Critical Unreviewed
CVE-2025-47452 was published Jun 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database