Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,300
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

256,906 advisories

Loading
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Unknown Unreviewed
CVE-2024-51101 was published May 23, 2025
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus... Unknown Unreviewed
CVE-2024-51107 was published May 23, 2025
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /admin/card-bwdates... Unknown Unreviewed
CVE-2024-51108 was published May 23, 2025
A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical.... Moderate Unreviewed
CVE-2025-5114 was published May 23, 2025
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary... Unknown Unreviewed
CVE-2024-51360 was published May 23, 2025
A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an... Moderate Unreviewed
CVE-2025-5109 was published May 23, 2025
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS)... Moderate Unreviewed
CVE-2018-25110 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-48275 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48283 was published May 23, 2025
An access control vulnerability was discovered in Grafana OSS where an Organization administrator... Moderate Unreviewed
CVE-2025-3580 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object... Critical Unreviewed
CVE-2025-48289 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48273 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros - Pagaleve allows... Critical Unreviewed
CVE-2025-48287 was published May 23, 2025
A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-5108 was published May 23, 2025
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This... Moderate Unreviewed
CVE-2025-5112 was published May 23, 2025
A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5107 was published May 23, 2025
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.... Moderate Unreviewed
CVE-2025-5111 was published May 23, 2025
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this... Moderate Unreviewed
CVE-2025-5110 was published May 23, 2025
A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected... High Unreviewed
CVE-2022-31812 was published May 23, 2025
PHPGurukul Old Age Home Management System v1.0 is vulnerable to HTML Injection via the searchdata... Unknown Unreviewed
CVE-2024-48702 was published May 23, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-48245 was published May 23, 2025
Missing Authorization vulnerability in Leadinfo Leadinfo allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-48271 was published May 23, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-48286 was published May 23, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-48292 was published May 23, 2025
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass... High Unreviewed
CVE-2022-31807 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database