GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,691
Erlang: 34
GitHub Actions: 27
Go: 2,276
Maven: 5,000+
npm: 3,931
NuGet: 708
pip: 3,699
Pub: 12
RubyGems: 919
Rust: 957
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,209 advisories
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on...
High | Unreviewed | CVE-2025-4428 was published May 13, 2025
SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an...
High | Unreviewed | CVE-2025-43010 was published May 13, 2025
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-13793 was published May 8, 2025
The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High | Unreviewed | CVE-2025-2802 was published May 6, 2025
The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable...
High | Unreviewed | CVE-2024-13738 was published May 3, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics...
High | Unreviewed | CVE-2025-2421 was published May 2, 2025
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE...
High | Unreviewed | CVE-2025-46579 was published Apr 27, 2025
The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to...
High | Unreviewed | CVE-2025-3491 was published Apr 26, 2025
The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in...
High | Unreviewed | CVE-2024-13808 was published Apr 26, 2025
The Create custom forms for WordPress with a smart form plugin for smart businesses plugin...
High | Unreviewed | CVE-2025-2801 was published Apr 26, 2025
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code...
High | Unreviewed | CVE-2025-3776 was published Apr 24, 2025
Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user...
High | Unreviewed | CVE-2025-1976 was published Apr 24, 2025
NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of...
High | Unreviewed | CVE-2025-23251 was published Apr 22, 2025
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that...
High | Unreviewed | CVE-2025-3509 was published Apr 18, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the...
High | Unreviewed | CVE-2025-29039 was published Apr 17, 2025
Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run.
High | Unreviewed | CVE-2025-29661 was published Apr 17, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real...
High | Unreviewed | CVE-2025-32596 was published Apr 17, 2025
Phoneservice module is affected by code injection vulnerability, successful exploitation of this...
High | Unreviewed | CVE-2025-1532 was published Apr 17, 2025
A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2...
High | Unreviewed | CVE-2024-53303 was published Apr 16, 2025
A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron...
High | Unreviewed | CVE-2024-50960 was published Apr 15, 2025
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability...
High | Unreviewed | CVE-2025-29281 was published Apr 15, 2025
Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and...
High | Unreviewed | CVE-2023-42875 was published Apr 11, 2025
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux)...
High | Unreviewed | CVE-2024-13861 was published Apr 11, 2025
The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High | Unreviewed | CVE-2025-2805 was published Apr 10, 2025
The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode...
High | Unreviewed | CVE-2025-2809 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API.