Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,828
Maven
5,000+
npm
4,457
NuGet
775
pip
4,222
Pub
12
RubyGems
972
Rust
1,093
Swift
47
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24 advisories

Loading
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval... Critical Unreviewed
CVE-2021-23277 was published May 24, 2022
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702,... High Unreviewed
CVE-2021-33678 was published May 24, 2022
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows... Critical Unreviewed
CVE-2023-0090 was published Mar 8, 2023
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet:... High Unreviewed
CVE-2023-7101 was published Dec 25, 2023
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external... High Unreviewed
CVE-2023-7224 was published Jan 8, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not... High Unreviewed
CVE-2023-7245 was published Feb 20, 2024
calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability... Critical Unreviewed
CVE-2024-39173 was published Jul 18, 2024
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an... Critical Unreviewed
CVE-2024-7954 was published Aug 23, 2024
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is... High Unreviewed
CVE-2023-26323 was published Aug 28, 2024
The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to... Critical Unreviewed
CVE-2024-8512 was published Oct 30, 2024
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10633 was published Jan 26, 2025
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed
CVE-2025-26845 was published May 8, 2025
A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to... Critical Unreviewed
CVE-2013-10051 was published Aug 1, 2025
PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user... Critical Unreviewed
CVE-2013-10070 was published Aug 5, 2025
The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version... High Unreviewed
CVE-2025-8420 was published Aug 6, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability... Moderate Unreviewed
CVE-2025-55585 was published Aug 18, 2025
The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human... Critical Unreviewed
CVE-2011-10033 was published Oct 15, 2025
A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with... High Unreviewed
CVE-2025-61955 was published Oct 15, 2025
The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the... Critical Unreviewed
CVE-2025-12140 was published Nov 27, 2025
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4... High Unreviewed
CVE-2025-65530 was published Dec 12, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-43388 was published Dec 12, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-43466 was published Dec 12, 2025
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python... Critical Unreviewed
CVE-2025-54322 was published Dec 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database