GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,299
Erlang: 31
GitHub Actions: 21
Go: 2,064
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,424
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
94,224 advisories
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client...
High | Unreviewed | CVE-2024-54007 was published Jan 7, 2025

Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an...
High | Unreviewed | CVE-2024-55555 was published Jan 7, 2025

Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client...
High | Unreviewed | CVE-2024-54006 was published Jan 7, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22593 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in bozdoz Quote Tweet allows Stored XSS. This...
High | Unreviewed | CVE-2025-22589 was published Jan 7, 2025

In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This...
High | Unreviewed | CVE-2024-8361 was published Jan 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-22350 was published Jan 7, 2025

An attacker who successfully exploited these vulnerabilities could cause enable command execution...
High | Unreviewed | CVE-2024-12430 was published Jan 7, 2025

An issue in the 690b33e1-0462-4e84-9bea-c7552b45432a.sys component of Asus GPU Tweak II Program...
High | Unreviewed | CVE-2024-55410 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Instabot Instabot allows Cross Site Request...
High | Unreviewed | CVE-2025-22571 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Scott Nellé Uptime Robot allows Stored XSS...
High | Unreviewed | CVE-2025-22582 was published Jan 7, 2025

Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Accessing...
High | Unreviewed | CVE-2025-22592 was published Jan 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-22536 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows...
High | Unreviewed | CVE-2025-22556 was published Jan 7, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22547 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode...
High | Unreviewed | CVE-2025-22555 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Mario Mansour and Geoff Peters TubePress.NET...
High | Unreviewed | CVE-2025-22559 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Prayer Times Anywhere allows Stored...
High | Unreviewed | CVE-2025-22590 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate...
High | Unreviewed | CVE-2025-22552 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross...
High | Unreviewed | CVE-2025-22557 was published Jan 7, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22548 was published Jan 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-22519 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request...
High | Unreviewed | CVE-2025-22520 was published Jan 7, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22522 was published Jan 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-22502 was published Jan 7, 2025

ProTip! Advisories are also available from the GraphQL API.