GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,856
Erlang: 36
GitHub Actions: 36
Go: 2,489
Maven: 5,000+
npm: 4,106
NuGet: 735
pip: 3,928
Pub: 12
RubyGems: 945
Rust: 1,018
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
268,757 advisories
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This...
Critical | Unreviewed | CVE-2025-49710 was published Jun 11, 2025

Certain canvas operations could have led to memory corruption. This vulnerability affects...
Critical | Unreviewed | CVE-2025-49709 was published Jun 11, 2025

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege...
High | Unreviewed | CVE-2025-4315 was published Jun 11, 2025

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf...
Moderate | Unreviewed | CVE-2025-5986 was published Jun 11, 2025

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
High | Unreviewed | CVE-2025-3302 was published Jun 11, 2025

A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. ...
High | Unreviewed | CVE-2025-5687 was published Jun 11, 2025

The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to...
Moderate | Unreviewed | CVE-2025-26412 was published Jun 11, 2025

An unauthenticated remote attacker can execute arbitrary commands with root privileges on...
High | Unreviewed | CVE-2025-41662 was published Jun 11, 2025

An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands...
High | Unreviewed | CVE-2025-41663 was published Jun 11, 2025

An unauthenticated remote attacker can execute arbitrary commands with root privileges on...
High | Unreviewed | CVE-2025-41661 was published Jun 11, 2025

There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module....
Low | Unreviewed | CVE-2025-5991 was published Jun 11, 2025

A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with...
Moderate | Unreviewed | CVE-2024-35295 was published Jun 11, 2025

The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2025-5395 was published Jun 11, 2025

SunGrow's back end users system iSolarCloud https://isolarcloud.com uses an MQTT service to...
High | Unreviewed | CVE-2025-29756 was published Jun 11, 2025

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions...
Moderate | Unreviewed | CVE-2025-4798 was published Jun 11, 2025

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack...
High | Unreviewed | CVE-2025-4799 was published Jun 11, 2025

The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’...
Moderate | Unreviewed | CVE-2025-4666 was published Jun 11, 2025

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an...
Critical | Unreviewed | CVE-2024-1244 was published Jun 11, 2025

ProTip! Advisories are also available from the GraphQL API.