Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,435 advisories

Loading
settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute... Moderate Unreviewed
CVE-2013-0204 was published May 5, 2022
Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on... High Unreviewed
CVE-2014-2044 was published May 14, 2022
Dolibarr ERP CRM Code Injection vulnerability during installation Moderate
CVE-2024-29477 was published for dolibarr/dolibarr (Composer) Apr 3, 2024
Zenario uses Twig filters insecurely in the Twig Snippet plugin Critical
CVE-2024-34461 was published for tribalsystems/zenario (Composer) May 4, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Rometheme RomethemeKit... Critical Unreviewed
CVE-2025-30911 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS... High Unreviewed
CVE-2025-24243 was published Apr 1, 2025
Deserialization of Untrusted Data and Code Injection in xstream Critical
CVE-2019-10173 was published for com.thoughtworks.xstream:xstream (Maven) Jul 26, 2019
Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound DigiWidgets... Critical Unreviewed
CVE-2025-30580 was published Apr 1, 2025
Remote Code Execution in com.bstek.uflo:uflo-core Critical
CVE-2022-25894 was published for com.bstek.uflo:uflo-core (Maven) Jan 26, 2023
Remote code execution in simple-git Critical
CVE-2022-25860 was published for simple-git (npm) Jan 26, 2023
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-29806 was published Mar 23, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed
CVE-2024-54803 was published Mar 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed
CVE-2024-54805 was published Mar 31, 2025
In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in... Critical Unreviewed
CVE-2024-54807 was published Mar 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi... Critical Unreviewed
CVE-2024-54806 was published Mar 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed
CVE-2024-54804 was published Mar 31, 2025
Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify... High Unreviewed
CVE-2023-24059 was published Jan 22, 2023
Command injection in yiisoft/yii2-gii High
CVE-2020-36655 was published for yiisoft/yii2-gii (Composer) Jan 21, 2023
Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution High
CVE-2025-31722 was published for org.jenkins-ci.plugins:templating-engine (Maven) Apr 2, 2025
Spacy-LLM Server-Side Template Injection (SSTI) vulnerability High
CVE-2025-25362 was published for spacy-llm (pip) Mar 5, 2025
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import... High Unreviewed
CVE-1999-0702 was published Apr 30, 2022
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files... Moderate Unreviewed
CVE-1999-0891 was published Apr 30, 2022
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local... High Unreviewed
CVE-2000-0155 was published Apr 30, 2022
PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the... High Unreviewed
CVE-2002-1991 was published Apr 30, 2022
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange... High Unreviewed
CVE-2002-2019 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database