Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,297
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,371 advisories

Loading
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34027 was published May 22, 2025
The embedded web server lacks authentication and access controls, allowing unrestricted remote... Critical Unreviewed
CVE-2025-36535 was published May 21, 2025
Affected Vertiv products contain a stack based buffer overflow vulnerability. An attacker could... Critical Unreviewed
CVE-2025-41426 was published May 21, 2025
Affected Vertiv products do not properly protect webserver functions that could allow an attacker... Critical Unreviewed
CVE-2025-46412 was published May 21, 2025
The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is... Critical Unreviewed
CVE-2025-4524 was published May 21, 2025
The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not... Critical Unreviewed
CVE-2025-4094 was published May 21, 2025
The Meteobridge web interface let meteobridge administrator manage their weather station data... Critical Unreviewed
CVE-2025-4008 was published May 21, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in... Critical Unreviewed
CVE-2025-44883 was published May 20, 2025
A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0... Critical Unreviewed
CVE-2025-44880 was published May 20, 2025
A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0... Critical Unreviewed
CVE-2025-44881 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey... Critical Unreviewed
CVE-2025-44894 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter... Critical Unreviewed
CVE-2025-44891 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName... Critical Unreviewed
CVE-2025-44896 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name... Critical Unreviewed
CVE-2025-44888 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter... Critical Unreviewed
CVE-2025-44890 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip... Critical Unreviewed
CVE-2025-44885 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip... Critical Unreviewed
CVE-2025-44897 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName... Critical Unreviewed
CVE-2025-44898 was published May 20, 2025
A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1... Critical Unreviewed
CVE-2025-44882 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter... Critical Unreviewed
CVE-2025-44887 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the... Critical Unreviewed
CVE-2025-44884 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey... Critical Unreviewed
CVE-2025-44893 was published May 20, 2025
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName... Critical Unreviewed
CVE-2025-44886 was published May 20, 2025
D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this... Critical Unreviewed
CVE-2025-44084 was published May 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database