Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,781
Erlang
36
GitHub Actions
29
Go
2,346
Maven
5,000+
npm
3,976
NuGet
720
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,538 advisories

Loading
Windows WebBrowser Control Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-30194 was published Aug 10, 2022
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022... High Unreviewed
CVE-2022-30175 was published Aug 10, 2022
An issue was discovered in Object First 1.0.7.712. Management protocol has a flow which allows a... High Unreviewed
CVE-2022-44794 was published Nov 7, 2022
Remote Code Execution vulnerability in Apache IoTDB via UDF High
CVE-2023-46226 was published for apache-iotdb (Maven) Jan 15, 2024
This issue was addressed by forcing hardened runtime on the affected binaries at the system level... High Unreviewed
CVE-2023-32383 was published Jan 11, 2024
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3509 was published Apr 18, 2025
The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a... High Unreviewed
CVE-2025-5309 was published Jun 16, 2025
XWiki allows remote code execution through default value of wiki macro wiki-type parameters High
CVE-2025-49581 was published for org.xwiki.platform:xwiki-platform-rendering-wikimacro-store (Maven) Jun 13, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... High Unreviewed
CVE-2025-25021 was published Jun 3, 2025
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2024-32358 was published Apr 25, 2024
XStream is vulnerable to a Remote Command Execution attack High
CVE-2021-29505 was published for com.thoughtworks.xstream:xstream (Maven) May 18, 2021
decsecre583
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022... High Unreviewed
CVE-2022-35773 was published Aug 10, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-35767 was published Aug 10, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-34714 was published Aug 10, 2022
Kea configuration and API directives can be used to load a malicious hook library. Many common... High Unreviewed
CVE-2025-32801 was published May 28, 2025
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to... High Unreviewed
CVE-2022-28640 was published Sep 21, 2022
A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary... High Unreviewed
CVE-2025-45752 was published May 21, 2025
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed
CVE-2024-13952 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials... High Unreviewed
CVE-2024-9639 was published May 22, 2025
SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database... High Unreviewed
CVE-2024-13928 was published May 22, 2025
Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator... High Unreviewed
CVE-2024-13929 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials... High Unreviewed
CVE-2025-30172 was published May 22, 2025
A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an attacker with admin privileges... High Unreviewed
CVE-2025-45753 was published May 21, 2025
An issue in Valvesoftware Steam Client Steam Client 1738026274 allows attackers to escalate... High Unreviewed
CVE-2025-27998 was published May 21, 2025
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an... High Unreviewed
CVE-2022-40497 was published Sep 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database