GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,036
Composer 4,791
Erlang 36
GitHub Actions 29
Go 2,370
Maven 5,681
npm 3,995
NuGet 720
pip 3,789
Pub 12
RubyGems 927
Rust 984
Swift 38

Unreviewed advisories

All unreviewed 261,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

656 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound DigiWidgets... Critical Unreviewed

CVE-2025-30580 was published Apr 1, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Rometheme RomethemeKit... Critical Unreviewed

CVE-2025-30911 was published Apr 1, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi... Critical Unreviewed

CVE-2024-54806 was published Mar 31, 2025

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in... Critical Unreviewed

CVE-2024-54807 was published Mar 31, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed

CVE-2024-54804 was published Mar 31, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed

CVE-2024-54805 was published Mar 31, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed

CVE-2024-54803 was published Mar 31, 2025

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case... Critical Unreviewed

CVE-2025-29306 was published Mar 27, 2025

Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when... Critical Unreviewed

CVE-2025-26003 was published Mar 26, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Visual Text... Critical Unreviewed

CVE-2025-28893 was published Mar 26, 2025

An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to... Critical Unreviewed

CVE-2024-48818 was published Mar 25, 2025

A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to... Critical Unreviewed

CVE-2024-55028 was published Mar 25, 2025

An improper control of generation of code ('Code Injection') vulnerability in the... Critical Unreviewed

CVE-2024-45480 was published Mar 25, 2025

A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an... Critical Unreviewed

CVE-2024-8581 was published Mar 20, 2025

An issue in Termius Version 9.9.0 through v.9.16.0 allows a physically proximate attacker to... Critical Unreviewed

CVE-2024-57061 was published Mar 19, 2025

An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7... Critical Unreviewed

CVE-2025-29401 was published Mar 19, 2025

An issue was discovered in Exasol jdbc driver 24.2.0. Attackers can inject malicious parameters... Critical Unreviewed

CVE-2024-55551 was published Mar 19, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Fresh... Critical Unreviewed

CVE-2025-26936 was published Mar 10, 2025

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-42733 was published Mar 7, 2025

FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index... Critical Unreviewed

CVE-2025-25789 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27678 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27657 was published Mar 5, 2025

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows... Critical Unreviewed

CVE-2024-50704 was published Mar 4, 2025

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows... Critical Unreviewed

CVE-2024-50707 was published Mar 4, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ark Theme... Critical Unreviewed

CVE-2025-26970 was published Mar 3, 2025

Previous 1 2 3 4 5 … 26 27 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

656 advisories