GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,545
Composer 4,693
Erlang 34
GitHub Actions 28
Go 2,283
Maven 5,567
npm 3,934
NuGet 708
pip 3,702
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 255,878

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,417 advisories

Filter by severity

Sort by

Least recently updated

A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2025-3509 was published Apr 18, 2025

Pycel allows code injection via a crafted formula High

CVE-2024-53924 was published for pycel (pip) Apr 17, 2025

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the... High Unreviewed

CVE-2025-29039 was published Apr 17, 2025

A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated... Critical Unreviewed

CVE-2025-29662 was published Apr 17, 2025

Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run. High Unreviewed

CVE-2025-29661 was published Apr 17, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post... Critical Unreviewed

CVE-2025-32583 was published Apr 17, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real... High Unreviewed

CVE-2025-32596 was published Apr 17, 2025

Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user... Critical Unreviewed

CVE-2024-56518 was published Apr 17, 2025

Phoneservice module is affected by code injection vulnerability, successful exploitation of this... High Unreviewed

CVE-2025-1532 was published Apr 17, 2025

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0... Critical Unreviewed

CVE-2025-1568 was published Apr 17, 2025

A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2... High Unreviewed

CVE-2024-53303 was published Apr 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up... Moderate Unreviewed

CVE-2025-26996 was published Apr 16, 2025

A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron... High Unreviewed

CVE-2024-50960 was published Apr 15, 2025

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability... High Unreviewed

CVE-2025-29281 was published Apr 15, 2025

In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open... Critical Unreviewed

CVE-2025-3579 was published Apr 15, 2025

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly... Critical Unreviewed

CVE-2025-1782 was published Apr 14, 2025

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue... Moderate Unreviewed

CVE-2025-3563 was published Apr 14, 2025

Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and... High Unreviewed

CVE-2023-42875 was published Apr 11, 2025

The The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for... Moderate Unreviewed

CVE-2025-3422 was published Apr 11, 2025

A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed

CVE-2024-13861 was published Apr 11, 2025

The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed

CVE-2025-2805 was published Apr 10, 2025

The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2025-2809 was published Apr 10, 2025

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over... Critical Unreviewed

CVE-2025-3115 was published Apr 9, 2025

Code Execution via Malicious Files: Attackers can create specially crafted files with embedded... Critical Unreviewed

CVE-2025-3114 was published Apr 9, 2025

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a... Critical Unreviewed

CVE-2025-31330 was published Apr 8, 2025

Previous 1 2 3 4 5 … 176 177 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,417 advisories