Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,104 advisories

Loading
Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an... Moderate Unreviewed
CVE-2025-42902 was published Oct 14, 2025
A vulnerability in SAP Financial Service Claims Management RFC function... Moderate Unreviewed
CVE-2025-42903 was published Oct 14, 2025
SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript... Moderate Unreviewed
CVE-2025-42901 was published Oct 14, 2025
SAP S/4HANA (Manage Processing Rules - For Bank Statements) allows an authenticated attacker with... Moderate Unreviewed
CVE-2025-42939 was published Oct 14, 2025
SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web... Moderate Unreviewed
CVE-2025-42906 was published Oct 14, 2025
Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP NetWeaver Application Server for... Moderate Unreviewed
CVE-2025-42908 was published Oct 14, 2025
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for... Moderate Unreviewed
CVE-2014-0786 was published May 17, 2022
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62389 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62391 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62392 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62390 was published Oct 14, 2025
Liferay Portal 7.3.0 through 7.4.3.119, and Liferay DXP 2023.Q3.1 through 2023.Q3.8, 2023.Q4.0... Moderate Unreviewed
CVE-2025-62251 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62384 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62388 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-11623 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62385 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62383 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62386 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary... Moderate Unreviewed
CVE-2025-62387 was published Oct 14, 2025
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows... Moderate Unreviewed
CVE-2014-2377 was published May 17, 2022
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do... Moderate Unreviewed
CVE-2014-2379 was published May 17, 2022
A flaw has been found in Portabilis i-Educar up to 2.10. The affected element is an unknown... Moderate Unreviewed
CVE-2025-9721 was published Oct 13, 2025
A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an... Moderate Unreviewed
CVE-2025-9722 was published Oct 13, 2025
A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function... Moderate Unreviewed
CVE-2025-9720 was published Oct 13, 2025
A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of... Moderate Unreviewed
CVE-2025-9723 was published Oct 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database