GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,567
Composer 4,697
Erlang 34
GitHub Actions 28
Go 2,289
Maven 5,573
npm 3,936
NuGet 708
pip 3,706
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,136

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

898 advisories

Filter by severity

Sort by

Least recently updated

Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP... Moderate Unreviewed

CVE-2025-48119 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite... Moderate Unreviewed

CVE-2025-48120 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG... Moderate Unreviewed

CVE-2025-47562 was published May 16, 2025

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed

CVE-2025-0134 was published May 14, 2025

An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute... Moderate Unreviewed

CVE-2025-28201 was published May 9, 2025

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed

CVE-2025-4208 was published May 8, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member... Moderate Unreviewed

CVE-2025-47691 was published May 7, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in GS Plugins GS... Moderate Unreviewed

CVE-2025-47481 was published May 7, 2025

Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2024-13420 was published May 2, 2025

Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET... Moderate Unreviewed

CVE-2024-32499 was published Apr 28, 2025

OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution. Moderate Unreviewed

CVE-2023-42404 was published Apr 28, 2025

A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical.... Moderate Unreviewed

CVE-2025-4022 was published Apr 28, 2025

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed

CVE-2025-3982 was published Apr 27, 2025

The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-13812 was published Apr 26, 2025

A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR... Moderate Unreviewed

CVE-2025-0618 was published Apr 23, 2025

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all... Moderate Unreviewed

CVE-2025-3472 was published Apr 22, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up... Moderate Unreviewed

CVE-2025-26996 was published Apr 16, 2025

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue... Moderate Unreviewed

CVE-2025-3563 was published Apr 14, 2025

The The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for... Moderate Unreviewed

CVE-2025-3422 was published Apr 11, 2025

SAP ERP BW Business Content is vulnerable to OS Command Injection through certain function... Moderate Unreviewed

CVE-2025-30013 was published Apr 8, 2025

A vulnerability was found in Tencent Music Entertainment SuperSonic up to 0.9.8. It has been... Moderate Unreviewed

CVE-2025-3164 was published Apr 3, 2025

The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2024-13557 was published Mar 29, 2025

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8... Moderate Unreviewed

CVE-2025-2867 was published Mar 27, 2025

An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary... Moderate Unreviewed

CVE-2024-41643 was published Mar 26, 2025

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-29806 was published Mar 23, 2025

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

898 advisories