GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,352 advisories
Wing FTP Server versions 4.3.8 and below contain an authenticated remote code execution...
High | Unreviewed | CVE-2022-50934 was published Jan 14, 2026

NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution...
High | Unreviewed | CVE-2022-50898 was published Jan 14, 2026

4images 1.9 contains a remote command execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2022-50806 was published Jan 14, 2026

An unauthenticated remote attacker can trick a high privileged user into uploading a malicious...
High | Unreviewed | CVE-2025-41717 was published Jan 13, 2026

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office...
High | Unreviewed | CVE-2009-0556 was published May 2, 2022

An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method...
High | Unreviewed | CVE-2025-66437 was published Dec 15, 2025

An improper control of generation of code vulnerability has been reported to affect Malware...
High | Unreviewed | CVE-2025-11837 was published Jan 2, 2026

The Lucky Wheel for WooCommerce – Spin a Sale plugin for WordPress is vulnerable to PHP Code...
High | Unreviewed | CVE-2025-14509 was published Dec 30, 2025

The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to,...
High | Unreviewed | CVE-2025-13592 was published Dec 29, 2025

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to...
High | Unreviewed | CVE-2023-53888 was published Dec 15, 2025

Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2025-14926 was published Dec 23, 2025

Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability...
High | Unreviewed | CVE-2025-14927 was published Dec 23, 2025

CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content...
High | Unreviewed | CVE-2021-47736 was published Dec 23, 2025

Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution...
High | Unreviewed | CVE-2025-14928 was published Dec 23, 2025

CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in...
High | Unreviewed | CVE-2021-47735 was published Dec 23, 2025

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in start_app.sh.
High | Unreviewed | CVE-2025-65817 was published Dec 22, 2025

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows...
High | Unreviewed | CVE-2024-58284 was published Dec 11, 2025

Webedition CMS v2.9.8.8 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2023-53883 was published Dec 15, 2025

'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
High | Unreviewed | CVE-2025-64676 was published Dec 19, 2025

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run...
High | Unreviewed | CVE-2023-53940 was published Dec 18, 2025

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a...
High | Unreviewed | CVE-2024-32406 was published Apr 26, 2024

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before...
High | Unreviewed | CVE-2025-55313 was published Dec 11, 2025

Client-side template injection (CSTI) in Azuriom CMS admin dashboard allows a low-privilege user...
High | Unreviewed | CVE-2025-65271 was published Dec 8, 2025

Lite XL versions 2.1.8 and prior automatically execute the .lite_project.lua file when opening a...
High | Unreviewed | CVE-2025-12120 was published Nov 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give...
High | Unreviewed | CVE-2025-66533 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API.