Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,808 advisories

Loading
A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed
CVE-2025-3982 was published Apr 27, 2025
IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed
CVE-2025-46661 was published Apr 28, 2025
An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute... Moderate Unreviewed
CVE-2025-28201 was published May 9, 2025
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of... High Unreviewed
CVE-2024-21683 was published May 22, 2024
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because... High Unreviewed
CVE-2023-22514 was published Jan 16, 2024
Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed
CVE-2025-29509 was published May 9, 2025
Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management... Critical Unreviewed
CVE-2025-46191 was published May 9, 2025
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Critical Unreviewed
CVE-2025-28203 was published May 9, 2025
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed
CVE-2025-4208 was published May 8, 2025
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13793 was published May 8, 2025
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed
CVE-2024-13861 was published Apr 11, 2025
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as... Critical Unreviewed
CVE-2020-21016 was published Oct 31, 2022
Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member... Moderate Unreviewed
CVE-2025-47691 was published May 7, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in GS Plugins GS... Moderate Unreviewed
CVE-2025-47481 was published May 7, 2025
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography... High Unreviewed
CVE-2024-0220 was published Feb 22, 2024
An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior... Critical Unreviewed
CVE-2024-41339 was published Feb 27, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... Critical Unreviewed
CVE-2024-41334 was published Feb 27, 2025
Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a... Moderate Unreviewed
CVE-2024-13420 was published May 2, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2025-44071 was published May 6, 2025
The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-2802 was published May 6, 2025
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS... High Unreviewed
CVE-2022-32924 was published Nov 2, 2022
The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable... High Unreviewed
CVE-2024-13738 was published May 3, 2025
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed
CVE-2022-37905 was published Dec 12, 2022
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed
CVE-2022-37904 was published Dec 12, 2022
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics... High Unreviewed
CVE-2025-2421 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database