GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,479 advisories

Filter by severity

Sort by

Least recently updated

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote... High Unreviewed

CVE-2025-25246 was published Feb 5, 2025

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. High Unreviewed

CVE-2020-8644 was published May 24, 2022

Unraid through 6.8.0 allows Remote Code Execution. High Unreviewed

CVE-2020-5847 was published May 24, 2022

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter... High Unreviewed

CVE-2019-16759 was published May 24, 2022

Improper control of generation of code in the sourcerer extension for Joomla in versions before... Critical Unreviewed

CVE-2025-22204 was published Feb 4, 2025

ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by... Critical Unreviewed

CVE-2024-57099 was published Feb 3, 2025

An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject... Moderate Unreviewed

CVE-2024-55504 was published Jan 21, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in WPSpins Post/Page... Critical Unreviewed

CVE-2025-24677 was published Feb 4, 2025

ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi... High Unreviewed

CVE-2024-42911 was published Jan 15, 2025

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by... Moderate Unreviewed

CVE-2024-40673 was published Jan 28, 2025

Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code... Critical Unreviewed

CVE-2023-30404 was published Apr 26, 2023

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly... Moderate Unreviewed

CVE-2024-6923 was published Aug 1, 2024

This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed

CVE-2024-23929 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2024-23920 was published Jan 31, 2025

A remote code execution (RCE) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10... High Unreviewed

CVE-2024-53561 was published Jan 14, 2025

An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2023-29861 was published May 15, 2023

The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed

CVE-2024-12415 was published Jan 31, 2025

The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-13472 was published Jan 31, 2025

European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute... High Unreviewed

CVE-2023-26546 was published May 2, 2023

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for... High Unreviewed

CVE-2024-11600 was published Jan 30, 2025

The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is... High Unreviewed

CVE-2024-13453 was published Jan 30, 2025

S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability... High Unreviewed

CVE-2023-29963 was published May 6, 2023

A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers... High Unreviewed

CVE-2024-10001 was published Jan 29, 2025

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET... Critical Unreviewed

CVE-2023-25717 was published Feb 13, 2023

In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the... High Unreviewed

CVE-2023-22952 was published Jan 11, 2023

Previous 1 2 3 4 5 … 139 140 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,479 advisories