Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,698
Erlang
34
GitHub Actions
28
Go
2,292
Maven
5,000+
npm
3,939
NuGet
708
pip
3,708
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,514 advisories

Loading
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-3053 was published May 15, 2025
Cosmos EVM Allows Partial Precompile State Writes High
GHSA-mjfq-3qr2-6g84 was published for github.com/cosmos/evm (Go) May 14, 2025
Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to... High Unreviewed
CVE-2024-54780 was published May 14, 2025
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on... High Unreviewed
CVE-2025-4428 was published May 13, 2025
SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an... High Unreviewed
CVE-2025-43010 was published May 13, 2025
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13793 was published May 8, 2025
The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-2802 was published May 6, 2025
The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable... High Unreviewed
CVE-2024-13738 was published May 3, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics... High Unreviewed
CVE-2025-2421 was published May 2, 2025
OPA server Data API HTTP path injection of Rego High
CVE-2025-46569 was published for github.com/open-policy-agent/opa (Go) May 1, 2025
GamrayW HyouKash
AdrienIT
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE... High Unreviewed
CVE-2025-46579 was published Apr 27, 2025
The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to... High Unreviewed
CVE-2025-3491 was published Apr 26, 2025
The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in... High Unreviewed
CVE-2024-13808 was published Apr 26, 2025
The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin... High Unreviewed
CVE-2025-2801 was published Apr 26, 2025
Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository High
CVE-2025-3642 was published for moodle/moodle (Composer) Apr 25, 2025
Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository High
CVE-2025-3641 was published for moodle/moodle (Composer) Apr 25, 2025
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code... High Unreviewed
CVE-2025-3776 was published Apr 24, 2025
Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user... High Unreviewed
CVE-2025-1976 was published Apr 24, 2025
NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of... High Unreviewed
CVE-2025-23251 was published Apr 22, 2025
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3509 was published Apr 18, 2025
Pycel allows code injection via a crafted formula High
CVE-2024-53924 was published for pycel (pip) Apr 17, 2025
Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run. High Unreviewed
CVE-2025-29661 was published Apr 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-29039 was published Apr 17, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real... High Unreviewed
CVE-2025-32596 was published Apr 17, 2025
Phoneservice module is affected by code injection vulnerability, successful exploitation of this... High Unreviewed
CVE-2025-1532 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database