GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,590
Composer 4,706
Erlang 34
GitHub Actions 28
Go 2,292
Maven 5,573
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,525

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,766 advisories

Filter by severity

Sort by

Least recently updated

Gridea version 0.9.3 allows an external attacker to execute arbitrary code remotely on any client... High Unreviewed

CVE-2022-40274 was published Oct 1, 2022

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to... High Unreviewed

CVE-2024-54780 was published May 14, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP... Moderate Unreviewed

CVE-2025-48119 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG... Moderate Unreviewed

CVE-2025-47562 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite... Moderate Unreviewed

CVE-2025-48120 was published May 16, 2025

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed

CVE-2025-26845 was published May 8, 2025

In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code... High Unreviewed

CVE-2022-42902 was published Oct 13, 2022

mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target... Critical Unreviewed

CVE-2025-32363 was published May 14, 2025

iKuai8 v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. High Unreviewed

CVE-2022-40469 was published Oct 12, 2022

Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload... High Unreviewed

CVE-2022-41534 was published Oct 14, 2022

Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed

CVE-2023-5677 was published Feb 5, 2024

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed

CVE-2025-3053 was published May 15, 2025

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed

CVE-2025-0134 was published May 14, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code... Critical Unreviewed

CVE-2015-2079 was published Apr 28, 2025

A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical.... Moderate Unreviewed

CVE-2025-4022 was published Apr 28, 2025

EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2025-45857 was published May 13, 2025

The rphone module has a script that can be maliciously modified.Successful exploitation of this... High Unreviewed

CVE-2022-41576 was published Oct 14, 2022

GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2022-41544 was published Oct 18, 2022

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on... High Unreviewed

CVE-2025-4428 was published May 13, 2025

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper... Low Unreviewed

CVE-2025-23376 was published Apr 28, 2025

SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an... High Unreviewed

CVE-2025-43010 was published May 13, 2025

An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin... Critical Unreviewed

CVE-2025-44022 was published May 12, 2025

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed

CVE-2025-3982 was published Apr 27, 2025

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed

CVE-2025-46661 was published Apr 28, 2025

An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute... Moderate Unreviewed

CVE-2025-28201 was published May 9, 2025

Previous 1 2 3 4 5 … 150 151 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,766 advisories