GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,677

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,857 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-59557 was published Oct 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-58967 was published Oct 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy... Critical Unreviewed

CVE-2025-52758 was published Oct 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-58958 was published Oct 22, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows... Critical Unreviewed

CVE-2025-58963 was published Oct 22, 2025

Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter... Critical Unreviewed

CVE-2025-53424 was published Oct 22, 2025

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on... Critical Unreviewed

CVE-2025-57870 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Critical Unreviewed

CVE-2025-52735 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Critical Unreviewed

CVE-2025-52734 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Critical Unreviewed

CVE-2025-52741 was published Oct 22, 2025

Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview... Critical Unreviewed

CVE-2025-52738 was published Oct 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-49931 was published Oct 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-49915 was published Oct 22, 2025

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure. Critical Unreviewed

CVE-2025-56447 was published Oct 22, 2025

AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection... Critical Unreviewed

CVE-2016-15048 was published Oct 22, 2025

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated... Critical Unreviewed

CVE-2025-41723 was published Oct 22, 2025

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an... Critical Unreviewed

CVE-2025-41108 was published Oct 22, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing... Critical Unreviewed

CVE-2025-62481 was published Oct 21, 2025

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST... Critical Unreviewed

CVE-2025-61757 was published Oct 21, 2025

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing... Critical Unreviewed

CVE-2025-53072 was published Oct 21, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Critical Unreviewed

CVE-2025-53037 was published Oct 21, 2025

Improper authentication in the web-based management interface of NETLINK HG322G V1.0.00-231017,... Critical Unreviewed

CVE-2025-60772 was published Oct 21, 2025

The affected Raisecom devices allow SSH sessions to be established without completing user... Critical Unreviewed

CVE-2025-11534 was published Oct 21, 2025

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that... Critical Unreviewed

CVE-2025-11625 was published Oct 21, 2025

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command... Critical Unreviewed

CVE-2025-10020 was published Oct 21, 2025

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,857 advisories