GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,476
Erlang: 33
GitHub Actions: 24
Go: 2,203
Maven: 5,000+
npm: 3,857
NuGet: 696
pip: 3,639
Pub: 12
RubyGems: 912
Rust: 913
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
875 advisories
An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary...
Moderate | Unreviewed | CVE-2024-41643 was published Mar 26, 2025

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8...
Moderate | Unreviewed | CVE-2025-2867 was published Mar 27, 2025

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows....
Moderate | Unreviewed | CVE-2024-27793 was published May 14, 2024

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to...
Moderate | Unreviewed | CVE-2025-29806 was published Mar 23, 2025

Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516...
Moderate | Unreviewed | CVE-2024-51122 was published Feb 13, 2025

Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to...
Moderate | Unreviewed | CVE-2024-31013 was published Apr 3, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ohio Extra...
Moderate | Unreviewed | CVE-2025-26924 was published Mar 16, 2025

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non...
Moderate | Unreviewed | CVE-2024-22020 was published Jul 9, 2024

The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate | Unreviewed | CVE-2024-13895 was published Mar 8, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
Moderate | Unreviewed | CVE-2024-50405 was published Mar 7, 2025

An issue in xxyopen novel plus v.4.4.0 and before allows a remote attacker to execute arbitrary...
Moderate | Unreviewed | CVE-2025-26182 was published Mar 4, 2025

The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate | Unreviewed | CVE-2024-13815 was published Mar 5, 2025

The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate | Unreviewed | CVE-2024-13806 was published Mar 1, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate | Unreviewed | CVE-2023-36022 was published Nov 3, 2023

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate | Unreviewed | CVE-2024-3787 was published May 14, 2024

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate | Unreviewed | CVE-2024-3784 was published Apr 15, 2024

A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated...
Moderate | Unreviewed | CVE-2019-8900 was published Feb 22, 2025

PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name,...
Moderate | Unreviewed | CVE-2023-51317 was published Feb 20, 2025

There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the...
Moderate | Unreviewed | CVE-2025-25507 was published Feb 21, 2025

PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51324 was published Feb 20, 2025

PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51331 was published Feb 20, 2025

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51320 was published Feb 20, 2025

The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in...
Moderate | Unreviewed | CVE-2024-13900 was published Feb 21, 2025

Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote...
Moderate | Unreviewed | CVE-2025-27218 was published Feb 20, 2025

The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate | Unreviewed | CVE-2024-13689 was published Feb 18, 2025
ProTip! Advisories are also available from the GraphQL API.