GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,303
Erlang: 31
GitHub Actions: 21
Go: 2,072
Maven: 5,000+
npm: 3,744
NuGet: 669
pip: 3,430
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,282 advisories
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server...
Moderate
Unreviewed
CVE-2025-0067 was published Jan 14, 2025
An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary...
Moderate
Unreviewed
CVE-2025-0068 was published Jan 14, 2025
SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain...
Moderate
Unreviewed
CVE-2025-0053 was published Jan 14, 2025
Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input...
Moderate
Unreviewed
CVE-2025-0059 was published Jan 14, 2025
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting...
Moderate
Unreviewed
CVE-2025-0057 was published Jan 14, 2025
SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted...
Moderate
Unreviewed
CVE-2025-0060 was published Jan 14, 2025
SAP GUI for Java saves user input on the client PC to improve usability. An attacker with...
Moderate
Unreviewed
CVE-2025-0056 was published Jan 14, 2025
SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific...
Moderate
Unreviewed
CVE-2025-0055 was published Jan 14, 2025
In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a...
Moderate
Unreviewed
CVE-2025-0058 was published Jan 14, 2025
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-11396 was published Jan 14, 2025
Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An...
Moderate
Unreviewed
CVE-2024-12083 was published Jan 14, 2025
We found a vulnerability Improper Restriction of XML External Entity Reference (CWE-611) in NB...
Moderate
Unreviewed
CVE-2024-12298 was published Jan 14, 2025
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by a Stored XSS issue with profile.
Moderate
Unreviewed
CVE-2024-12211 was published Jan 13, 2025
A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead...
Moderate
Unreviewed
CVE-2024-6352 was published Jan 13, 2025
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100,...
Moderate
Unreviewed
CVE-2024-46919 was published Jan 13, 2025
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name...
Moderate
Unreviewed
CVE-2024-54999 was published Jan 13, 2025
Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate
Unreviewed
CVE-2024-57488 was published Jan 13, 2025
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100,...
Moderate
Unreviewed
CVE-2024-46920 was published Jan 13, 2025
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820,...
Moderate
Unreviewed
CVE-2024-48883 was published Jan 13, 2025
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file...
Moderate
Unreviewed
CVE-2024-57487 was published Jan 13, 2025
Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly...
Moderate
Unreviewed
CVE-2025-22800 was published Jan 13, 2025
CloudStack users can add and read comments (annotations) on resources they are authorised to...
Moderate
Unreviewed
CVE-2025-22828 was published Jan 13, 2025
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU...
Moderate
Unreviewed
CVE-2024-52937 was published Jan 13, 2025
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU...
Moderate
Unreviewed
CVE-2024-52935 was published Jan 13, 2025
The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and...
Moderate
Unreviewed
CVE-2024-11636 was published Jan 13, 2025
ProTip! Advisories are also available from the GraphQL API.