GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,117
Composer 4,330
Erlang 31
GitHub Actions 21
Go 2,091
Maven 5,253
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,051

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

242,051 advisories

Filter by severity

Sort by

Least recently updated

Inclusion of undocumented features issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. A... High Unreviewed

CVE-2025-22450 was published Jan 22, 2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... Moderate Unreviewed

CVE-2025-23237 was published Jan 22, 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-12879 was published Jan 22, 2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed

CVE-2025-20617 was published Jan 22, 2025

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-13590 was published Jan 22, 2025

The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-13584 was published Jan 22, 2025

This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node... High Unreviewed

CVE-2025-23087 was published Jan 22, 2025

This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node... High Unreviewed

CVE-2025-23089 was published Jan 22, 2025

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to... Moderate Unreviewed

CVE-2024-13426 was published Jan 22, 2025

With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker... High Unreviewed

CVE-2025-23090 was published Jan 22, 2025

With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker... High Unreviewed

CVE-2025-23083 was published Jan 22, 2025

This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node... High Unreviewed

CVE-2025-23088 was published Jan 22, 2025

A vulnerability, which was classified as problematic, was found in CampCodes School Management... Low Unreviewed

CVE-2025-0625 was published Jan 22, 2025

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0... Moderate Unreviewed

CVE-2024-32116 was published Nov 12, 2024

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ... Unknown Unreviewed

CVE-2023-37037 was published Jan 22, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ... Unknown Unreviewed

CVE-2023-37034 was published Jan 22, 2025

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit... Unknown Unreviewed

CVE-2024-24417 was published Jan 22, 2025

In multiple locations, there is a possible way to obtain any system permission due to a logic... Unknown Unreviewed

CVE-2024-43095 was published Jan 22, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ... Unknown Unreviewed

CVE-2023-37038 was published Jan 22, 2025

A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to... Unknown Unreviewed

CVE-2024-24427 was published Jan 22, 2025

In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs... Unknown Unreviewed

CVE-2024-34730 was published Jan 22, 2025

A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1... Unknown Unreviewed

CVE-2024-24424 was published Jan 22, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Unknown Unreviewed

CVE-2024-24421 was published Jan 22, 2025

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit... Unknown Unreviewed

CVE-2024-24423 was published Jan 22, 2025

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to... Unknown Unreviewed

CVE-2024-24428 was published Jan 22, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

242,051 advisories