GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,587

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,228 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The authentication mechanism on web interface is not properly implemented. It is possible to... Critical Unreviewed

CVE-2025-36754 was published Dec 13, 2025

Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X.... Critical Unreviewed

CVE-2025-36751 was published Dec 13, 2025

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented... Critical Unreviewed

CVE-2025-36752 was published Dec 13, 2025

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions... Critical Unreviewed

CVE-2025-14440 was published Dec 13, 2025

ShineLan-X contains a set of credentials for an FTP server was found within the firmware,... Critical Unreviewed

CVE-2025-36747 was published Dec 13, 2025

The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive... Critical Unreviewed

CVE-2025-11693 was published Dec 13, 2025

The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to SQL Injection via... Critical Unreviewed

CVE-2025-10738 was published Dec 13, 2025

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows... Critical Unreviewed

CVE-2024-58299 was published Dec 12, 2025

Plesk 18.0 has Incorrect Access Control. Critical Unreviewed

CVE-2025-66430 was published Dec 12, 2025

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache... Critical Unreviewed

CVE-2025-58130 was published Dec 12, 2025

The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-14344 was published Dec 12, 2025

The LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart plugin for... Critical Unreviewed

CVE-2025-12963 was published Dec 12, 2025

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to... Critical Unreviewed

CVE-2024-58308 was published Dec 12, 2025

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view... Critical Unreviewed

CVE-2024-58307 was published Dec 12, 2025

Xhibiter NFT Marketplace 1.10.2 contains a SQL injection vulnerability in the collections... Critical Unreviewed

CVE-2024-58290 was published Dec 12, 2025

Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability... Critical Unreviewed

CVE-2024-58298 was published Dec 12, 2025

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject... Critical Unreviewed

CVE-2024-58286 was published Dec 12, 2025

Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to... Critical Unreviewed

CVE-2024-58301 was published Dec 12, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66045 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66046 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66047 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66043 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66044 was published Dec 11, 2025

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of... Critical Unreviewed

CVE-2025-66048 was published Dec 11, 2025

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6... Critical Unreviewed

CVE-2025-65473 was published Dec 11, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,228 advisories