GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,330
Erlang: 31
GitHub Actions: 21
Go: 2,091
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21,198 advisories
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser...
Critical
Unreviewed
CVE-2025-23918 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for...
Critical
Unreviewed
CVE-2025-23921 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection....
Critical
Unreviewed
CVE-2025-23932 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files...
Critical
Unreviewed
CVE-2025-23953 was published Jan 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-23931 was published Jan 22, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows...
Critical
Unreviewed
CVE-2025-23942 was published Jan 22, 2025
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical
Unreviewed
CVE-2024-12857 was published Jan 22, 2025
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical
Unreviewed
CVE-2024-13091 was published Jan 22, 2025
In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due...
Critical
Unreviewed
CVE-2024-49748 was published Jan 22, 2025
In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a...
Critical
Unreviewed
CVE-2024-49747 was published Jan 22, 2025
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile...
Critical
Unreviewed
CVE-2025-21556 was published Jan 21, 2025
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ...
Critical
Unreviewed
CVE-2025-21547 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:...
Critical
Unreviewed
CVE-2025-21524 was published Jan 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
Critical
Unreviewed
CVE-2025-21535 was published Jan 21, 2025
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution.
Critical
Unreviewed
CVE-2024-54794 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-51818 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-22553 was published Jan 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer....
Critical
Unreviewed
CVE-2024-51919 was published Jan 21, 2025
Incorrect Privilege Assignment vulnerability in NotFound Homey Login Register allows Privilege...
Critical
Unreviewed
CVE-2024-51888 was published Jan 21, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with...
Critical
Unreviewed
CVE-2025-22723 was published Jan 21, 2025
Incorrect Privilege Assignment vulnerability in NotFound Easy Real Estate allows Privilege...
Critical
Unreviewed
CVE-2024-32555 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-49655 was published Jan 21, 2025
Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This...
Critical
Unreviewed
CVE-2024-49688 was published Jan 21, 2025
The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated...
Critical
Unreviewed
CVE-2025-0585 was published Jan 20, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a...
Critical
Unreviewed
CVE-2024-41783 was published Jan 19, 2025
ProTip! Advisories are also available from the GraphQL API.