GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,755
Composer 4,471
Erlang 33
GitHub Actions 24
Go 2,180
Maven 5,418
npm 3,836
NuGet 696
pip 3,555
Pub 12
RubyGems 910
Rust 908
Swift 38

Unreviewed advisories

All unreviewed 248,581

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,607 advisories

Filter by severity

Sort by

Least recently updated

Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute... High Unreviewed

CVE-2025-29807 was published Mar 21, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed

CVE-2024-24421 was published Jan 22, 2025

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a... High Unreviewed

CVE-2024-50954 was published Jan 15, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed

CVE-2025-22912 was published Jan 16, 2025

A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a... High Unreviewed

CVE-2025-0185 was published Mar 20, 2025

A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an... Critical Unreviewed

CVE-2024-8581 was published Mar 20, 2025

man-group dtale version <= 3.13.1 contains a vulnerability where the query parameters from the... High Unreviewed

CVE-2024-9016 was published Mar 20, 2025

SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update... High Unreviewed

CVE-2024-9439 was published Mar 20, 2025

A command injection vulnerability exists in the workflow-checker.yml workflow of significant... High Unreviewed

CVE-2024-8156 was published Mar 20, 2025

A command injection vulnerability exists in the `pandas.DataFrame.query` function of pandas-dev... High Unreviewed

CVE-2024-9880 was published Mar 20, 2025

A remote code execution vulnerability exists in the Calculate function of parisneo/lollms version... High Unreviewed

CVE-2024-6982 was published Mar 20, 2025

In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code... High Unreviewed

CVE-2024-10950 was published Mar 20, 2025

A vulnerability in langgenius/dify versions <=v0.9.1 allows for code injection via internal SSRF... High Unreviewed

CVE-2024-10252 was published Mar 20, 2025

In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due... High Unreviewed

CVE-2024-43767 was published Jan 3, 2025

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-51298 was published Oct 30, 2024

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename... Critical Unreviewed

CVE-2021-33949 was published Feb 17, 2023

Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516... Moderate Unreviewed

CVE-2024-51122 was published Feb 13, 2025

This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed

CVE-2024-23929 was published Jan 31, 2025

In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a... Critical Unreviewed

CVE-2024-49747 was published Jan 22, 2025

typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2023-24114 was published Feb 22, 2023

An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR... High Unreviewed

CVE-2024-21760 was published Mar 18, 2025

In gatts_process_read_req of gatt_sr.cc, there is a possible out of bounds write due to a missing... High Unreviewed

CVE-2024-43771 was published Jan 22, 2025

In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a... High Unreviewed

CVE-2024-43770 was published Jan 22, 2025

Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to... Moderate Unreviewed

CVE-2024-31013 was published Apr 3, 2024

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand... Critical Unreviewed

CVE-2025-25675 was published Feb 21, 2025

Previous 1 2 3 4 5 … 144 145 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,607 advisories