GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,714
Erlang: 34
GitHub Actions: 28
Go: 2,300
Maven: 5,000+
npm: 3,942
NuGet: 708
pip: 3,711
Pub: 12
RubyGems: 920
Rust: 960
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
120,836 advisories
The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-5096 was published May 23, 2025
The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern...
Moderate | Unreviewed | CVE-2025-47149 was published May 23, 2025
An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a...
Moderate | Unreviewed | CVE-2025-48695 was published May 23, 2025
openDCIM through 23.04 allows SQL injection in people_depts.php because prepared statements are...
Moderate | Unreviewed | CVE-2025-48701 was published May 23, 2025
The Tournamatch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2025-4594 was published May 23, 2025
Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access...
Moderate | Unreviewed | CVE-2025-2394 was published May 23, 2025
When a notification relating to low battery appears for a user with whom the device has been...
Moderate | Unreviewed | CVE-2025-4975 was published May 23, 2025
Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform...
Moderate | Unreviewed | CVE-2025-4692 was published May 23, 2025
Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration...
Moderate | Unreviewed | CVE-2025-4338 was published May 23, 2025
A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoint of...
Moderate | Unreviewed | CVE-2024-5962 was published May 22, 2025
Serialized configuration information may be disclosed during device commissioning while using...
Moderate | Unreviewed | CVE-2024-13954 was published May 22, 2025
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to...
Moderate | Unreviewed | CVE-2024-13951 was published May 22, 2025
Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on...
Moderate | Unreviewed | CVE-2024-13949 was published May 22, 2025
Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser...
Moderate | Unreviewed | CVE-2024-13950 was published May 22, 2025
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an...
Moderate | Unreviewed | CVE-2024-7487 was published May 22, 2025
A reflected cross-site scripting (XSS) vulnerability exists in the sub-organization login flow of...
Moderate | Unreviewed | CVE-2024-7103 was published May 22, 2025
Windows permissions for ASPECT configuration toolsets are not fully secured allowing exposure of...
Moderate | Unreviewed | CVE-2024-13948 was published May 22, 2025
Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator credentials become...
Moderate | Unreviewed | CVE-2024-13958 was published May 22, 2025
Sensitive device logger information in ASPECT may be exposed if administrator credentials become...
Moderate | Unreviewed | CVE-2024-13953 was published May 22, 2025
An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume...
Moderate | Unreviewed | CVE-2024-13930 was published May 22, 2025
Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers...
Moderate | Unreviewed | CVE-2025-30170 was published May 22, 2025
File upload and execute vulnerabilities in ASPECT allow PHP script injection if session...
Moderate | Unreviewed | CVE-2025-30169 was published May 22, 2025
File upload vulnerabilities are present in ASPECT if session administrator credentials become...
Moderate | Unreviewed | CVE-2025-30173 was published May 22, 2025
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Moderate | Unreviewed | CVE-2025-23183 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API.