GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,545
Composer 4,693
Erlang 34
GitHub Actions 28
Go 2,283
Maven 5,567
npm 3,934
NuGet 708
pip 3,702
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 255,878

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,215 advisories

Filter by severity

Sort by

Least recently updated

In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code... High Unreviewed

CVE-2022-42902 was published Oct 13, 2022

iKuai8 v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. High Unreviewed

CVE-2022-40469 was published Oct 12, 2022

Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload... High Unreviewed

CVE-2022-41534 was published Oct 14, 2022

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed

CVE-2025-3053 was published May 15, 2025

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to... High Unreviewed

CVE-2024-54780 was published May 14, 2025

The rphone module has a script that can be maliciously modified.Successful exploitation of this... High Unreviewed

CVE-2022-41576 was published Oct 14, 2022

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on... High Unreviewed

CVE-2025-4428 was published May 13, 2025

SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an... High Unreviewed

CVE-2025-43010 was published May 13, 2025

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of... High Unreviewed

CVE-2024-21683 was published May 22, 2024

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because... High Unreviewed

CVE-2023-22514 was published Jan 16, 2024

The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to... High Unreviewed

CVE-2024-13793 was published May 8, 2025

A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)... High Unreviewed

CVE-2024-13861 was published Apr 11, 2025

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography... High Unreviewed

CVE-2024-0220 was published Feb 22, 2024

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed

CVE-2025-2802 was published May 6, 2025

The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS... High Unreviewed

CVE-2022-32924 was published Nov 2, 2022

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable... High Unreviewed

CVE-2024-13738 was published May 3, 2025

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed

CVE-2022-37904 was published Dec 12, 2022

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed

CVE-2022-37905 was published Dec 12, 2022

Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics... High Unreviewed

CVE-2025-2421 was published May 2, 2025

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user... High Unreviewed

CVE-2025-1976 was published Apr 24, 2025

A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI... High Unreviewed

CVE-2021-3661 was published Dec 12, 2022

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE... High Unreviewed

CVE-2025-46579 was published Apr 27, 2025

The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to... High Unreviewed

CVE-2025-3491 was published Apr 26, 2025

The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin... High Unreviewed

CVE-2025-2801 was published Apr 26, 2025

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in... High Unreviewed

CVE-2024-13808 was published Apr 26, 2025

Previous 1 2 3 4 5 … 88 89 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,215 advisories