GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,397

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

268,397 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.1),... Moderate Unreviewed

CVE-2024-41797 was published Jun 10, 2025

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... Moderate Unreviewed

CVE-2025-27207 was published Jun 10, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... High Unreviewed

CVE-2025-40567 was published Jun 10, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed

CVE-2025-40569 was published Jun 10, 2025

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... Moderate Unreviewed

CVE-2025-27206 was published Jun 10, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed

CVE-2025-40568 was published Jun 10, 2025

A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected... Critical Unreviewed

CVE-2025-40585 was published Jun 10, 2025

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... High Unreviewed

CVE-2025-40591 was published Jun 10, 2025

A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potentially expose... High Unreviewed

CVE-2025-37100 was published Jun 10, 2025

The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to... High Unreviewed

CVE-2025-46612 was published Jun 10, 2025

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The... Moderate Unreviewed

CVE-2025-26394 was published Jun 10, 2025

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed

CVE-2025-5335 was published Jun 10, 2025

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed

CVE-2025-5353 was published Jun 10, 2025

Cross-Site Request Forgery (CSRF) vulnerability in uxper Civi Framework allows Cross Site Request... High Unreviewed

CVE-2025-49511 was published Jun 10, 2025

Missing Authorization vulnerability in Roland Beaussant Audio Editor & Recorder allows Exploiting... Moderate Unreviewed

CVE-2025-49509 was published Jun 10, 2025

Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection... Critical Unreviewed

CVE-2025-49507 was published Jun 10, 2025

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed

CVE-2025-22463 was published Jun 10, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager... Moderate Unreviewed

CVE-2025-49510 was published Jun 10, 2025

SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS)... High Unreviewed

CVE-2025-26395 was published Jun 10, 2025

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed

CVE-2025-22455 was published Jun 10, 2025

Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection... Critical Unreviewed

CVE-2025-49455 was published Jun 10, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-49454 was published Jun 10, 2025

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... High Unreviewed

CVE-2025-43701 was published Jun 10, 2025

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-4774 was published Jun 10, 2025

The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-4577 was published Jun 10, 2025

Previous 1…400Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

268,397 advisories