GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,065
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,427
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,985 advisories
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy...
Critical | Unreviewed | CVE-2025-0282 was published Jan 9, 2025
A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the...
Critical | Unreviewed | CVE-2024-55556 was published Jan 7, 2025
ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 are vulnerable to Buffer Overflow. The...
Critical | Unreviewed | CVE-2023-33476 was published Jun 2, 2023
This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in...
Critical | Unreviewed | CVE-2018-4301 was published Jan 8, 2025
A vulnerability exists in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which...
Critical | Unreviewed | CVE-2024-55414 was published Jan 7, 2025
File Upload Bypass found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-50660 was published Jan 7, 2025
Server-Side Template Injection (SSTI) found in AdPortal 3.0.39 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-50658 was published Jan 7, 2025
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2).
Critical | Unreviewed | CVE-2023-33864 was published Jun 7, 2023
Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows...
Critical | Unreviewed | CVE-2023-43902 was published Nov 14, 2023
GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write because...
Critical | Unreviewed | CVE-2023-45878 was published Nov 14, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2).
Critical | Unreviewed | CVE-2023-33863 was published Jun 7, 2023
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due...
Critical | Unreviewed | CVE-2024-54819 was published Jan 7, 2025
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading...
Critical | Unreviewed | CVE-2022-41573 was published Jan 7, 2025
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be...
Critical | Unreviewed | CVE-2022-41572 was published Jan 7, 2025
An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and...
Critical | Unreviewed | CVE-2024-35532 was published Jan 7, 2025
The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in...
Critical | Unreviewed | CVE-2024-11350 was published Jan 8, 2025
The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all...
Critical | Unreviewed | CVE-2024-11635 was published Jan 8, 2025
The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary...
Critical | Unreviewed | CVE-2024-11613 was published Jan 8, 2025
An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to...
Critical | Unreviewed | CVE-2024-50603 was published Jan 8, 2025
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in...
Critical | Unreviewed | CVE-2017-9117 was published May 13, 2022
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an...
Critical | Unreviewed | CVE-2024-54879 was published Jan 6, 2025
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an...
Critical | Unreviewed | CVE-2024-54880 was published Jan 6, 2025
The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a...
Critical | Unreviewed | CVE-2024-8855 was published Jan 7, 2025
An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software...
Critical | Unreviewed | CVE-2024-46622 was published Jan 6, 2025
A privilege escalation allowing remote code execution was discovered in the orchestration service.
Critical | Unreviewed | CVE-2023-2530 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API.