GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,894
Composer 5,066
Erlang 39
GitHub Actions 38
Go 2,706
Maven 6,140
npm 4,328
NuGet 761
pip 4,103
Pub 12
RubyGems 958
Rust 1,064
Swift 45

Unreviewed advisories

All unreviewed 278,868

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

712 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target... Critical Unreviewed

CVE-2025-32363 was published May 14, 2025

EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2025-45857 was published May 13, 2025

An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin... Critical Unreviewed

CVE-2025-44022 was published May 12, 2025

Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed

CVE-2025-29509 was published May 9, 2025

Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management... Critical Unreviewed

CVE-2025-46191 was published May 9, 2025

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Critical Unreviewed

CVE-2025-28203 was published May 9, 2025

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed

CVE-2025-26845 was published May 8, 2025

SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2025-44071 was published May 6, 2025

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary... Critical Unreviewed

CVE-2025-45947 was published Apr 28, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code... Critical Unreviewed

CVE-2015-2079 was published Apr 28, 2025

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed

CVE-2025-46661 was published Apr 28, 2025

TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed

CVE-2025-43946 was published Apr 22, 2025

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php... Critical Unreviewed

CVE-2023-43958 was published Apr 22, 2025

An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-40446 was published Apr 22, 2025

An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade... Critical Unreviewed

CVE-2025-29058 was published Apr 18, 2025

A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated... Critical Unreviewed

CVE-2025-29662 was published Apr 17, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post... Critical Unreviewed

CVE-2025-32583 was published Apr 17, 2025

Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user... Critical Unreviewed

CVE-2024-56518 was published Apr 17, 2025

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0... Critical Unreviewed

CVE-2025-1568 was published Apr 17, 2025

In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open... Critical Unreviewed

CVE-2025-3579 was published Apr 15, 2025

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly... Critical Unreviewed

CVE-2025-1782 was published Apr 14, 2025

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over... Critical Unreviewed

CVE-2025-3115 was published Apr 9, 2025

Code Execution via Malicious Files: Attackers can create specially crafted files with embedded... Critical Unreviewed

CVE-2025-3114 was published Apr 9, 2025

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a... Critical Unreviewed

CVE-2025-31330 was published Apr 8, 2025

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function... Critical Unreviewed

CVE-2025-27429 was published Apr 8, 2025

Previous 1…4…29 Next

Previous 1 2 3 4 5 6 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

712 advisories