Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,694
Erlang
34
GitHub Actions
28
Go
2,284
Maven
5,000+
npm
3,936
NuGet
708
pip
3,706
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,421 advisories

Loading
Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP... Moderate Unreviewed
CVE-2025-48119 was published May 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG... Moderate Unreviewed
CVE-2025-47562 was published May 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite... Moderate Unreviewed
CVE-2025-48120 was published May 16, 2025
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed
CVE-2025-26845 was published May 8, 2025
In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code... High Unreviewed
CVE-2022-42902 was published Oct 13, 2022
Dolibarr vulnerable to Eval Injection Critical
CVE-2022-40871 was published for dolibarr/dolibarr (Composer) Oct 12, 2022
Apache IoTDB Vulnerable to Remote Code Execution Critical
CVE-2024-24780 was published for org.apache.iotdb:iotdb-core (Maven) May 14, 2025
mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target... Critical Unreviewed
CVE-2025-32363 was published May 14, 2025
iKuai8 v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. High Unreviewed
CVE-2022-40469 was published Oct 12, 2022
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload... High Unreviewed
CVE-2022-41534 was published Oct 14, 2022
Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed
CVE-2023-5677 was published Feb 5, 2024
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-3053 was published May 15, 2025
A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed
CVE-2025-0134 was published May 14, 2025
Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code... Critical Unreviewed
CVE-2015-2079 was published Apr 28, 2025
A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical.... Moderate Unreviewed
CVE-2025-4022 was published Apr 28, 2025
Cosmos EVM Allows Partial Precompile State Writes High
GHSA-mjfq-3qr2-6g84 was published for github.com/cosmos/evm (Go) May 14, 2025
Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to... High Unreviewed
CVE-2024-54780 was published May 14, 2025
EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2025-45857 was published May 13, 2025
The rphone module has a script that can be maliciously modified.Successful exploitation of this... High Unreviewed
CVE-2022-41576 was published Oct 14, 2022
GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2022-41544 was published Oct 18, 2022
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on... High Unreviewed
CVE-2025-4428 was published May 13, 2025
Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper... Low Unreviewed
CVE-2025-23376 was published Apr 28, 2025
SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an... High Unreviewed
CVE-2025-43010 was published May 13, 2025
An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin... Critical Unreviewed
CVE-2025-44022 was published May 12, 2025
A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed
CVE-2025-3982 was published Apr 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database