GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,250
Composer 4,350
Erlang 31
GitHub Actions 22
Go 2,119
Maven 5,292
npm 3,778
NuGet 680
pip 3,459
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,747

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

929 advisories

Filter by severity

Sort by

Least recently updated

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed

CVE-2024-2860 was published May 8, 2024

Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed

CVE-2023-51478 was published Apr 25, 2024

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed

CVE-2021-44077 was published Nov 30, 2021

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2025-21559 was published Jan 21, 2025

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle... High Unreviewed

CVE-2024-7516 was published Nov 12, 2024

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass... Critical Unreviewed

CVE-2024-9644 was published Feb 4, 2025

TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative... High Unreviewed

CVE-2022-24990 was published Feb 7, 2023

There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure... Low Unreviewed

CVE-2024-3219 was published Jul 30, 2024

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed

CVE-2025-21515 was published Jan 21, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Critical Unreviewed

CVE-2025-21524 was published Jan 21, 2025

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed

CVE-2024-37368 was published Jun 14, 2024

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow... High Unreviewed

CVE-2023-31444 was published Apr 28, 2023

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed

CVE-2024-54153 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project... Low Unreviewed

CVE-2024-54155 was published Dec 4, 2024

In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed

CVE-2025-24456 was published Jan 21, 2025

An unauthenticated remote attacker can modify configurations to perform a remote code execution... Critical Unreviewed

CVE-2024-25995 was published Mar 12, 2024

The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-10284 was published Nov 9, 2024

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed

CVE-2022-26143 was published Mar 11, 2022

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed

CVE-2020-3952 was published May 24, 2022

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9861 was published Oct 17, 2024

Undisclosed requests may bypass configuration utility authentication, allowing an attacker... Critical Unreviewed

CVE-2023-46747 was published Oct 26, 2023

SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability... Critical Unreviewed

CVE-2023-1096 was published May 12, 2023

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed

CVE-2024-12857 was published Jan 22, 2025

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed

CVE-2024-45276 was published Oct 15, 2024

A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed

CVE-2024-12957 was published Jan 23, 2025

Previous 1 2 3 4 5 … 37 38 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

929 advisories