GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,013
Composer 5,216
Erlang 40
GitHub Actions 40
Go 2,967
Maven 6,254
npm 4,612
NuGet 788
pip 4,314
Pub 12
RubyGems 984
Rust 1,121
Swift 49

Unreviewed advisories

All unreviewed 289,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

969 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd... Moderate Unreviewed

CVE-2020-9377 was published May 24, 2022

A vulnerability was found in panhainan DS-Java 1.0 and classified as critical. This issue affects... Moderate Unreviewed

CVE-2025-3842 was published Apr 21, 2025

An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in... Moderate Unreviewed

CVE-2025-31365 was published Oct 14, 2025

SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript... Moderate Unreviewed

CVE-2025-42901 was published Oct 14, 2025

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown... Moderate Unreviewed

CVE-2025-10993 was published Sep 26, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in YayCommerce... Moderate Unreviewed

CVE-2025-60114 was published Sep 26, 2025

An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due... Moderate Unreviewed

CVE-2025-5717 was published Sep 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Tareq Hasan WP User... Moderate Unreviewed

CVE-2025-58673 was published Sep 22, 2025

A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This... Moderate Unreviewed

CVE-2025-7101 was published Jul 7, 2025

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2025-9489 was published Sep 9, 2025

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18... Moderate Unreviewed

CVE-2025-5101 was published Aug 27, 2025

A low privileged remote attacker can perform configuration changes of the firewall services,... Moderate Unreviewed

CVE-2024-43393 was published Sep 10, 2024

A low privileged remote attacker can perform configuration changes of the firewall services,... Moderate Unreviewed

CVE-2024-43392 was published Sep 10, 2024

A low privileged remote attacker can perform configuration changes of the firewall services,... Moderate Unreviewed

CVE-2024-43390 was published Sep 10, 2024

A low privileged remote attacker can perform configuration changes of the ospf service through... Moderate Unreviewed

CVE-2024-43389 was published Sep 10, 2024

A low privileged remote attacker can perform configuration changes of the firewall services,... Moderate Unreviewed

CVE-2024-43391 was published Sep 10, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... Moderate Unreviewed

CVE-2025-54019 was published Aug 20, 2025

The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed

CVE-2025-8878 was published Aug 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS... Moderate Unreviewed

CVE-2025-7961 was published Aug 15, 2025

The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all... Moderate Unreviewed

CVE-2025-8905 was published Aug 15, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer... Moderate Unreviewed

CVE-2025-39483 was published Aug 14, 2025

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker... Moderate Unreviewed

CVE-2025-42945 was published Aug 12, 2025

An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4... Moderate Unreviewed

CVE-2025-54940 was published Aug 8, 2025

SAP FICA ODN framework allows a high privileged user to inject value inside the local variable... Moderate Unreviewed

CVE-2025-42947 was published Jul 23, 2025

A locally authenticated, privileged user can craft a malicious OpenSSL configuration file,... Moderate Unreviewed

CVE-2025-0664 was published Jul 21, 2025

Previous 1…3…39 Next

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

969 advisories