Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,494 advisories

Loading
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf... High Unreviewed
CVE-2025-44951 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to... High Unreviewed
CVE-2025-36048 was published Jun 18, 2025
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external... High Unreviewed
CVE-2025-36049 was published Jun 18, 2025
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... High Unreviewed
CVE-2025-20271 was published Jun 18, 2025
SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain... High Unreviewed
CVE-2025-46109 was published Jun 18, 2025
Real Estate Management 1.0 is vulnerable to Cross Site Scripting (XSS) in /store/index.php. High Unreviewed
CVE-2025-45786 was published Jun 18, 2025
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed
CVE-2025-6220 was published Jun 18, 2025
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file... High Unreviewed
CVE-2025-6086 was published Jun 18, 2025
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-4413 was published Jun 18, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds read, which may allow an attacker to... High Unreviewed
CVE-2025-32412 was published Jun 17, 2025
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation... High Unreviewed
CVE-2025-49384 was published Jun 17, 2025
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49214 was published Jun 17, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49215 was published Jun 17, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49218 was published Jun 17, 2025
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an... High Unreviewed
CVE-2025-49211 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to an out-of-bounds write, which may allow an attacker... High Unreviewed
CVE-2025-41413 was published Jun 17, 2025
Fuji Electric Smart Editor is vulnerable to a stack-based buffer overflow, which may allow an... High Unreviewed
CVE-2025-41388 was published Jun 17, 2025
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation... High Unreviewed
CVE-2025-49385 was published Jun 17, 2025
An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result... High Unreviewed
CVE-2025-49848 was published Jun 17, 2025
An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result... High Unreviewed
CVE-2025-49849 was published Jun 17, 2025
A Heap-based Buffer Overflow vulnerability exists within the parsing of PRJ files. The issues... High Unreviewed
CVE-2025-49850 was published Jun 17, 2025
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow... High Unreviewed
CVE-2025-30680 was published Jun 17, 2025
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security... High Unreviewed
CVE-2025-30641 was published Jun 17, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local... High Unreviewed
CVE-2025-30640 was published Jun 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database