Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,462 advisories

Loading
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail... Critical Unreviewed
CVE-2025-25279 was published Feb 24, 2025
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail... Critical Unreviewed
CVE-2025-24490 was published Feb 24, 2025
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail... Critical Unreviewed
CVE-2025-20051 was published Feb 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload... Critical Unreviewed
CVE-2025-26776 was published Feb 22, 2025
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider... Critical Unreviewed
CVE-2025-26763 was published Feb 22, 2025
A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1... Critical Unreviewed
CVE-2024-54756 was published Feb 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33551 was published Apr 29, 2024
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore... Critical Unreviewed
CVE-2024-33553 was published Apr 29, 2024
Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via... Critical Unreviewed
CVE-2025-25674 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter... Critical Unreviewed
CVE-2025-25668 was published Feb 21, 2025
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter... Critical Unreviewed
CVE-2025-25678 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter... Critical Unreviewed
CVE-2025-25664 was published Feb 21, 2025
External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti... Critical Unreviewed
CVE-2024-38657 was published Feb 21, 2025
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the... Critical Unreviewed
CVE-2025-25667 was published Feb 21, 2025
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in... Critical Unreviewed
CVE-2025-25676 was published Feb 21, 2025
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of... Critical Unreviewed
CVE-2025-25663 was published Feb 21, 2025
Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand... Critical Unreviewed
CVE-2025-25675 was published Feb 21, 2025
Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow in the function SafeSetMacFilter... Critical Unreviewed
CVE-2025-25662 was published Feb 21, 2025
SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to... Critical Unreviewed
CVE-2024-57401 was published Feb 20, 2025
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed
CVE-2024-13159 was published Jan 14, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2025-1023 was published Feb 18, 2025
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed
CVE-2024-13161 was published Jan 14, 2025
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed
CVE-2024-13160 was published Jan 14, 2025
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed
CVE-2024-10811 was published Jan 14, 2025
Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress. Critical Unreviewed
CVE-2022-41155 was published Nov 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database