GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,992
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,056
Pub: 12
RubyGems: 955
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
704 advisories
Nagios Log Server versions prior to 2024R1.3.1 contain a code injection vulnerability where...
Critical | Unreviewed | CVE-2025-34277 was published Oct 31, 2025

SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute...
Critical | Unreviewed | CVE-2024-30923 was published Apr 18, 2024

iib0011 omni-tools v0.4.0 is vulnerable to remote code execution via unsafe JSON deserialization.
Critical | Unreviewed | CVE-2025-50739 was published Oct 30, 2025

An administrator with restricted permissions can exploit the script execution functionality...
Critical | Unreviewed | CVE-2024-22116 was published Aug 12, 2024

A mismatch between allocator and deallocator could have led to memory corruption. This...
Critical | Unreviewed | CVE-2024-6602 was published Jul 9, 2024

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical | Unreviewed | CVE-2025-27678 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical | Unreviewed | CVE-2025-27657 was published Mar 5, 2025

In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at...
Critical | Unreviewed | CVE-2024-53920 was published Nov 27, 2024

A bug in WebAssembly code generation could have led to a crash. It may have been possible for an...
Critical | Unreviewed | CVE-2025-1011 was published Feb 4, 2025

An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute...
Critical | Unreviewed | CVE-2023-36177 was published Jan 24, 2024

Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise...
Critical | Unreviewed | CVE-2014-5401 was published May 13, 2022

Improper Control of Generation of Code ('Code Injection') vulnerability in videowhisper Paid...
Critical | Unreviewed | CVE-2025-62959 was published Oct 27, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque...
Critical | Unreviewed | CVE-2025-62023 was published Oct 22, 2025

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or...
Critical | Unreviewed | CVE-2014-6287 was published May 13, 2022

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection...
Critical | Unreviewed | CVE-2024-23692 was published May 31, 2024

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in...
Critical | Unreviewed | CVE-2023-29492 was published Apr 11, 2023

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability...
Critical | Unreviewed | CVE-2022-22954 was published Apr 12, 2022

A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an...
Critical | Unreviewed | CVE-2021-44529 was published Dec 9, 2021

There was a server-side template injection vulnerability in Jira Server and Data Center, in the...
Critical | Unreviewed | CVE-2019-11581 was published May 24, 2022

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion...
Critical | Unreviewed | CVE-2019-7609 was published May 13, 2022

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET...
Critical | Unreviewed | CVE-2023-25717 was published Feb 13, 2023

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to...
Critical | Unreviewed | CVE-2022-3236 was published Sep 25, 2022

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code...
Critical | Unreviewed | CVE-2017-7494 was published May 14, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab...
Critical | Unreviewed | CVE-2021-22205 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.