GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,265
Composer 4,633
Erlang 34
GitHub Actions 25
Go 2,241
Maven 5,485
npm 3,902
NuGet 701
pip 3,669
Pub 12
RubyGems 914
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 252,833

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

601 advisories

Filter by severity

Sort by

Least recently updated

A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated... Critical Unreviewed

CVE-2025-29662 was published Apr 17, 2025

TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed

CVE-2023-51018 was published Dec 22, 2023

A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-26014 was published Feb 21, 2025

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0... Critical Unreviewed

CVE-2025-1568 was published Apr 17, 2025

The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted,... Critical Unreviewed

CVE-2021-22646 was published Jul 29, 2022

Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post... Critical Unreviewed

CVE-2025-32583 was published Apr 17, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27657 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27678 was published Mar 5, 2025

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows... Critical Unreviewed

CVE-2024-29500 was published Apr 10, 2024

Code Execution via Malicious Files: Attackers can create specially crafted files with embedded... Critical Unreviewed

CVE-2025-3114 was published Apr 9, 2025

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a... Critical Unreviewed

CVE-2025-28146 was published Apr 4, 2025

In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open... Critical Unreviewed

CVE-2025-3579 was published Apr 15, 2025

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly... Critical Unreviewed

CVE-2025-1782 was published Apr 14, 2025

Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP... Critical Unreviewed

CVE-2015-5721 was published May 17, 2022

The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS)... Critical Unreviewed

CVE-2022-48198 was published Jan 1, 2023

Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto... Critical Unreviewed

CVE-2024-25096 was published Apr 3, 2024

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over... Critical Unreviewed

CVE-2025-3115 was published Apr 9, 2025

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a... Critical Unreviewed

CVE-2025-31330 was published Apr 8, 2025

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function... Critical Unreviewed

CVE-2025-27429 was published Apr 8, 2025

An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2025-29064 was published Apr 3, 2025

Netwrix Password Secure through 9.2 allows command injection. Critical Unreviewed

CVE-2025-26818 was published Apr 3, 2025

The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all... Critical Unreviewed

CVE-2024-13645 was published Apr 4, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a... Critical Unreviewed

CVE-2024-54804 was published Mar 31, 2025

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi... Critical Unreviewed

CVE-2024-54806 was published Mar 31, 2025

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in... Critical Unreviewed

CVE-2024-54807 was published Mar 31, 2025

Previous 1 2 3 4 5 … 24 25 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

601 advisories