GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,938
Composer 5,201
Erlang 40
GitHub Actions 38
Go 2,950
Maven 6,244
npm 4,596
NuGet 787
pip 4,301
Pub 12
RubyGems 982
Rust 1,121
Swift 49

Unreviewed advisories

All unreviewed 288,707

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

109,460 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an... High Unreviewed

CVE-2026-20098 was published Feb 4, 2026

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE)... High Unreviewed

CVE-2026-20119 was published Feb 4, 2026

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based... High Unreviewed

CVE-2026-0660 was published Feb 4, 2026

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory... High Unreviewed

CVE-2026-0537 was published Feb 4, 2026

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds... High Unreviewed

CVE-2026-0538 was published Feb 4, 2026

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory... High Unreviewed

CVE-2026-0661 was published Feb 4, 2026

When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed... High Unreviewed

CVE-2026-22548 was published Feb 4, 2026

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2025-15368 was published Feb 4, 2026

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport... High Unreviewed

CVE-2026-1642 was published Feb 4, 2026

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed

CVE-2025-15285 was published Feb 4, 2026

The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL Injection via the ... High Unreviewed

CVE-2025-15268 was published Feb 4, 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2026-1819 was published Feb 4, 2026

Improper input validation in GalaxyDiagnostics prior to version 3.5.050 allows local privileged... High Unreviewed

CVE-2026-20987 was published Feb 4, 2026

Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers... High Unreviewed

CVE-2026-20985 was published Feb 4, 2026

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release... High Unreviewed

CVE-2026-20983 was published Feb 4, 2026

The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect... High Unreviewed

CVE-2026-1756 was published Feb 4, 2026

Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to... High Unreviewed

CVE-2026-20980 was published Feb 4, 2026

Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers... High Unreviewed

CVE-2026-20979 was published Feb 4, 2026

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom... High Unreviewed

CVE-2025-29867 was published Feb 4, 2026

A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via... High Unreviewed

CVE-2025-69620 was published Feb 4, 2026

Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated... High Unreviewed

CVE-2020-37093 was published Feb 4, 2026

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network... High Unreviewed

CVE-2020-37097 was published Feb 4, 2026

School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers... High Unreviewed

CVE-2020-37088 was published Feb 4, 2026

School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary... High Unreviewed

CVE-2020-37090 was published Feb 4, 2026

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user... High Unreviewed

CVE-2020-37094 was published Feb 4, 2026

Previous 1…6…400 Next

Previous 1 2 3 4 5 6 7 8 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

109,460 advisories