Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95,172 advisories

Loading
A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as... High Unreviewed
CVE-2025-0707 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS.... High Unreviewed
CVE-2025-24756 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24728 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24669 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24659 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24672 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode... High Unreviewed
CVE-2025-24636 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24663 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24683 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This... High Unreviewed
CVE-2025-24561 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS.... High Unreviewed
CVE-2025-24562 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24587 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24570 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows... High Unreviewed
CVE-2025-24555 was published Jan 24, 2025
An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can... High Unreviewed
CVE-2025-23222 was published Jan 24, 2025
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the... High Unreviewed
CVE-2019-15690 was published Jan 24, 2025
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed
CVE-2024-40693 was published Jan 24, 2025
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating... High Unreviewed
CVE-2024-25034 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the  CP210 VCP Win 2k ... High Unreviewed
CVE-2024-9494 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows ... High Unreviewed
CVE-2024-9495 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility... High Unreviewed
CVE-2024-9492 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Dev Kit ... High Unreviewed
CVE-2024-9496 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK ... High Unreviewed
CVE-2024-9498 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the  ToolStick ... High Unreviewed
CVE-2024-9493 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE... High Unreviewed
CVE-2024-9499 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database