GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,790
Erlang: 36
GitHub Actions: 29
Go: 2,370
Maven: 5,000+
npm: 3,994
NuGet: 720
pip: 3,783
Pub: 12
RubyGems: 927
Rust: 982
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
26,092 advisories
The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1...
Critical
Unreviewed
CVE-2025-26850 was published Jul 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-52833 was published Jul 4, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy...
Critical
Unreviewed
CVE-2025-49302 was published Jul 4, 2025
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege...
Critical
Unreviewed
CVE-2025-49867 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-52832 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-52831 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-52830 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows...
Critical
Unreviewed
CVE-2025-49414 was published Jul 4, 2025
Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi...
Critical
Unreviewed
CVE-2025-49417 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-28983 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows...
Critical
Unreviewed
CVE-2025-30933 was published Jul 4, 2025
Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege...
Critical
Unreviewed
CVE-2025-23970 was published Jul 4, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image...
Critical
Unreviewed
CVE-2025-28951 was published Jul 4, 2025
An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote...
Critical
Unreviewed
CVE-2025-34089 was published Jul 3, 2025
An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When...
Critical
Unreviewed
CVE-2025-34087 was published Jul 3, 2025
A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure...
Critical
Unreviewed
CVE-2025-34082 was published Jul 3, 2025
A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to...
Critical
Unreviewed
CVE-2025-34061 was published Jul 3, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload...
Critical
Unreviewed
CVE-2025-23968 was published Jul 3, 2025
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface...
Critical
Unreviewed
CVE-2025-34074 was published Jul 2, 2025
A cookie encryption bypass vulnerability exists in Google Chrome’s AppBound mechanism due to weak...
Critical
Unreviewed
CVE-2025-34092 was published Jul 2, 2025
A security bypass vulnerability exists in Google Chrome AppBound cookie encryption mechanism due...
Critical
Unreviewed
CVE-2025-34090 was published Jul 2, 2025
ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials.
Critical
Unreviewed
CVE-2025-45813 was published Jul 2, 2025
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified...
Critical
Unreviewed
CVE-2025-20309 was published Jul 2, 2025
Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110, v7.2.8.124852 ...
Critical
Unreviewed
CVE-2025-45814 was published Jul 2, 2025
A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol ...
Critical
Unreviewed
CVE-2025-34072 was published Jul 2, 2025
ProTip! Advisories are also available from the GraphQL API.