GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,474
Erlang: 33
GitHub Actions: 24
Go: 2,203
Maven: 5,000+
npm: 3,845
NuGet: 696
pip: 3,635
Pub: 12
RubyGems: 911
Rust: 912
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97,448 advisories

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function...
High | Unreviewed | CVE-2024-44313 was published Mar 18, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and...
High | Unreviewed | CVE-2025-30117 was published Mar 18, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of...
High | Unreviewed | CVE-2025-30116 was published Mar 18, 2025

A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could...
High | Unreviewed | CVE-2024-58104 was published Mar 25, 2025

Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive...
High | Unreviewed | CVE-2023-25016 was published Feb 6, 2023

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via...
High | Unreviewed | CVE-2023-25193 was published Feb 4, 2023

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-30567 was published Mar 25, 2025

A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could...
High | Unreviewed | CVE-2024-58105 was published Mar 25, 2025

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a ...
High | Unreviewed | CVE-2024-45234 was published Aug 25, 2024

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An...
High | Unreviewed | CVE-2024-32736 was published May 14, 2024

An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the...
High | Unreviewed | CVE-2025-30140 was published Mar 18, 2025

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to...
High | Unreviewed | CVE-2024-52531 was published Nov 11, 2024

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which...
High | Unreviewed | CVE-2024-40715 was published Nov 7, 2024

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it...
High | Unreviewed | CVE-2025-1936 was published Mar 4, 2025

Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This...
High | Unreviewed | CVE-2025-26935 was published Feb 25, 2025

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via...
High | Unreviewed | CVE-2024-36745 was published Jun 6, 2024

Komm.One CMS 10.4.2.14 has a Server-Side Template Injection (SSTI) vulnerability via the Velocity...
High | Unreviewed | CVE-2024-24230 was published Mar 18, 2024

In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing...
High | Unreviewed | CVE-2024-29753 was published Apr 5, 2024

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute...
High | Unreviewed | CVE-2024-31003 was published Apr 2, 2024

An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and...
High | Unreviewed | CVE-2025-30141 was published Mar 18, 2025

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur....
High | Unreviewed | CVE-2025-30142 was published Mar 18, 2025

Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=....
High | Unreviewed | CVE-2025-26137 was published Mar 18, 2025

A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of...
High | Unreviewed | CVE-2024-20366 was published May 15, 2024

An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted...
High | Unreviewed | CVE-2024-33443 was published Apr 29, 2024

ProTip! Advisories are also available from the GraphQL API.