GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,523
Composer 4,691
Erlang 34
GitHub Actions 27
Go 2,276
Maven 5,563
npm 3,931
NuGet 708
pip 3,699
Pub 12
RubyGems 919
Rust 957
Swift 38

Unreviewed advisories

All unreviewed 255,503

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,403 advisories

Filter by severity

Sort by

Least recently updated

An issue in Termius Version 9.9.0 through v.9.16.0 allows a physically proximate attacker to... Critical Unreviewed

CVE-2024-57061 was published Mar 19, 2025

An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7... Critical Unreviewed

CVE-2025-29401 was published Mar 19, 2025

An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to... Critical Unreviewed

CVE-2024-48818 was published Mar 25, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Visual Text... Critical Unreviewed

CVE-2025-28893 was published Mar 26, 2025

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows.... Moderate Unreviewed

CVE-2024-27793 was published May 14, 2024

A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to... Critical Unreviewed

CVE-2024-55028 was published Mar 25, 2025

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted... Critical Unreviewed

CVE-2024-31666 was published Apr 22, 2024

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a... Critical Unreviewed

CVE-2024-22632 was published Apr 26, 2024

PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability... High Unreviewed

CVE-2024-40552 was published Jul 12, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This... High Unreviewed

CVE-2024-45346 was published Aug 28, 2024

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8... Moderate Unreviewed

CVE-2025-2867 was published Mar 27, 2025

Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution... High Unreviewed

CVE-2024-28893 was published May 1, 2024

Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when... Critical Unreviewed

CVE-2025-26003 was published Mar 26, 2025

An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary... Moderate Unreviewed

CVE-2024-41643 was published Mar 26, 2025

KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare )... High Unreviewed

CVE-2025-2787 was published Mar 26, 2025

Apache Kylin Code Injection via JDBC Configuration Alteration Low

CVE-2025-30067 was published for org.apache.kylin:kylin (Maven) Mar 27, 2025

An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to... Critical Unreviewed

CVE-2024-24525 was published Feb 29, 2024

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed

CVE-2022-27537 was published Feb 1, 2023

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2024-31004 was published Apr 2, 2024

An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2024-25249 was published Feb 21, 2024

Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the... Critical Unreviewed

CVE-2022-48175 was published Jan 31, 2023

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case... Critical Unreviewed

CVE-2025-29306 was published Mar 27, 2025

AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the... High Unreviewed

CVE-2022-48116 was published Jan 27, 2023

The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2024-13557 was published Mar 29, 2025

The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2025-2803 was published Mar 29, 2025

Previous 1 2 … 156 157 158 159 160 … 176 177 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,403 advisories