GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,867
Maven: 5,000+
npm: 4,488
NuGet: 780
pip: 4,244
Pub: 12
RubyGems: 975
Rust: 1,096
Swift: 49

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
108,690 advisories
HTC IPTInstaller 4.0.9 contains an unquoted service path vulnerability in the PassThru Service...
High | Unreviewed | CVE-2020-36933 was published Jan 25, 2026

KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI...
High | Unreviewed | CVE-2020-36935 was published Jan 25, 2026

Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows...
High | Unreviewed | CVE-2020-36936 was published Jan 25, 2026

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows...
High | Unreviewed | CVE-2020-36937 was published Jan 25, 2026

Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the...
High | Unreviewed | CVE-2020-36934 was published Jan 25, 2026

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2026-0911 was published Jan 24, 2026

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress...
High | Unreviewed | CVE-2026-0800 was published Jan 24, 2026

The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all...
High | Unreviewed | CVE-2026-1257 was published Jan 24, 2026

The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
High | Unreviewed | CVE-2026-0807 was published Jan 24, 2026

Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers...
High | Unreviewed | CVE-2025-70986 was published Jan 23, 2026

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows...
High | Unreviewed | CVE-2025-67230 was published Jan 23, 2026

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that...
High | Unreviewed | CVE-2021-47904 was published Jan 23, 2026

LogonExpert 8.1 contains an unquoted service path vulnerability in the LogonExpertSvc service...
High | Unreviewed | CVE-2021-47890 was published Jan 23, 2026

LiteSpeed Web Server Enterprise 5.4.11 contains an authenticated command injection vulnerability...
High | Unreviewed | CVE-2021-47903 was published Jan 23, 2026

Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service...
High | Unreviewed | CVE-2021-47898 was published Jan 23, 2026

PDF Complete Corporate Edition 4.1.45 contains an unquoted service path vulnerability in the...
High | Unreviewed | CVE-2021-47896 was published Jan 23, 2026

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability...
High | Unreviewed | CVE-2021-47888 was published Jan 23, 2026

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the...
High | Unreviewed | CVE-2021-47889 was published Jan 23, 2026

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in...
High | Unreviewed | CVE-2025-66720 was published Jan 23, 2026

An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to...
High | Unreviewed | CVE-2025-69908 was published Jan 23, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2026-24609 was published Jan 23, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2026-24608 was published Jan 23, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2026-24624 was published Jan 23, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2026-24635 was published Jan 23, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2026-24572 was published Jan 23, 2026
ProTip! Advisories are also available from the GraphQL API