GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,898
Composer 4,476
Erlang 33
GitHub Actions 24
Go 2,203
Maven 5,431
npm 3,852
NuGet 696
pip 3,637
Pub 12
RubyGems 911
Rust 913
Swift 38

Unreviewed advisories

All unreviewed 249,040

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

573 advisories

Filter by severity

Sort by

Least recently updated

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a... Critical Unreviewed

CVE-2024-22632 was published Apr 26, 2024

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted... Critical Unreviewed

CVE-2024-31666 was published Apr 22, 2024

A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to... Critical Unreviewed

CVE-2024-55028 was published Mar 25, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Visual Text... Critical Unreviewed

CVE-2025-28893 was published Mar 26, 2025

An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to... Critical Unreviewed

CVE-2024-48818 was published Mar 25, 2025

An issue was discovered in Exasol jdbc driver 24.2.0. Attackers can inject malicious parameters... Critical Unreviewed

CVE-2024-55551 was published Mar 19, 2025

An issue in Termius Version 9.9.0 through v.9.16.0 allows a physically proximate attacker to... Critical Unreviewed

CVE-2024-57061 was published Mar 19, 2025

An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7... Critical Unreviewed

CVE-2025-29401 was published Mar 19, 2025

An improper control of generation of code ('Code Injection') vulnerability in the... Critical Unreviewed

CVE-2024-45480 was published Mar 25, 2025

Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v... Critical Unreviewed

CVE-2024-40530 was published Aug 5, 2024

Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote... Critical Unreviewed

CVE-2022-45699 was published Feb 10, 2023

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove... Critical Unreviewed

CVE-2024-52393 was published Nov 14, 2024

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed

CVE-2024-24421 was published Jan 22, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed

CVE-2025-22912 was published Jan 16, 2025

A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an... Critical Unreviewed

CVE-2024-8581 was published Mar 20, 2025

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-51298 was published Oct 30, 2024

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename... Critical Unreviewed

CVE-2021-33949 was published Feb 17, 2023

In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a... Critical Unreviewed

CVE-2024-49747 was published Jan 22, 2025

typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2023-24114 was published Feb 22, 2023

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand... Critical Unreviewed

CVE-2025-25675 was published Feb 21, 2025

A mismatch between allocator and deallocator could have lead to memory corruption. This... Critical Unreviewed

CVE-2024-6602 was published Jul 9, 2024

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection. Critical Unreviewed

CVE-2024-47219 was published Sep 22, 2024

hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to... Critical Unreviewed

CVE-2023-24107 was published Feb 22, 2023

NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE,... Critical Unreviewed

CVE-2024-29937 was published Apr 11, 2024

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-42733 was published Mar 7, 2025

Previous 1 2 3 4 5 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

573 advisories