GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,458
Erlang: 33
GitHub Actions: 22
Go: 2,156
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,497
Pub: 12
RubyGems: 903
Rust: 903
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
115,652 advisories
The ProductDyno plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘res...
Moderate · Unreviewed · CVE-2024-13413 was published Mar 11, 2025
The Appsero Helper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate · Unreviewed · CVE-2024-13436 was published Mar 11, 2025
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation. This...
Moderate · Unreviewed · CVE-2025-26707 was published Mar 11, 2025
An authenticated user with low privileges can exploit a missing authorization check in an IBS...
Moderate · Unreviewed · CVE-2025-23188 was published Mar 11, 2025
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web...
Moderate · Unreviewed · CVE-2025-25245 was published Mar 11, 2025
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to...
Moderate · Unreviewed · CVE-2024-49823 was published Mar 11, 2025
SAP NetWeaver Application Server ABAP allows malicious scripts to be executed in the application,...
Moderate · Unreviewed · CVE-2025-25242 was published Mar 11, 2025
User management functionality in SAP NetWeaver Application Server Java is vulnerable to Stored...
Moderate · Unreviewed · CVE-2025-27431 was published Mar 11, 2025
SAP Fiori applications using the posting library fail to properly configure security settings...
Moderate · Unreviewed · CVE-2025-26660 was published Mar 11, 2025
OData Service in Manage Purchasing Info Records does not perform necessary authorization checks...
Moderate · Unreviewed · CVE-2025-26656 was published Mar 11, 2025
SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative...
Moderate · Unreviewed · CVE-2025-0071 was published Mar 11, 2025
SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular...
Moderate · Unreviewed · CVE-2025-23194 was published Mar 11, 2025
The Service Layer in SAP Business One, allows attackers to potentially gain unauthorized access...
Moderate · Unreviewed · CVE-2025-26658 was published Mar 11, 2025
SAP BusinessObjects Business Intelligence Platform allows an attacker to inject JavaScript code...
Moderate · Unreviewed · CVE-2025-0062 was published Mar 11, 2025
Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical...
Moderate · Unreviewed · CVE-2025-23185 was published Mar 11, 2025
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs,...
Moderate · Unreviewed · CVE-2025-26659 was published Mar 11, 2025
SAP Business Warehouse (Process Chains) allows an attacker to manipulate the process execution...
Moderate · Unreviewed · CVE-2025-25244 was published Mar 11, 2025
The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain...
Moderate · Unreviewed · CVE-2025-27433 was published Mar 11, 2025
The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an...
Moderate · Unreviewed · CVE-2025-27436 was published Mar 11, 2025
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to...
Moderate · Unreviewed · CVE-2024-22340 was published Mar 11, 2025
A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute...
Moderate · Unreviewed · CVE-2025-25908 was published Mar 11, 2025
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration...
Moderate · Unreviewed · CVE-2025-27926 was published Mar 11, 2025
Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to...
Moderate · Unreviewed · CVE-2025-27924 was published Mar 11, 2025
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix deadlock between...
Moderate · Unreviewed · CVE-2022-49547 was published Mar 11, 2025
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Move...
Moderate · Unreviewed · CVE-2022-49542 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API.