GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,886
Composer 4,778
Erlang 36
GitHub Actions 29
Go 2,336
Maven 5,642
npm 3,969
NuGet 713
pip 3,767
Pub 12
RubyGems 923
Rust 976
Swift 38

Unreviewed advisories

All unreviewed 259,411

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,805 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics... High Unreviewed

CVE-2025-2421 was published May 2, 2025

Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2024-13420 was published May 2, 2025

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary... Critical Unreviewed

CVE-2025-45947 was published Apr 28, 2025

Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET... Moderate Unreviewed

CVE-2024-32499 was published Apr 28, 2025

OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution. Moderate Unreviewed

CVE-2023-42404 was published Apr 28, 2025

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper... Low Unreviewed

CVE-2025-23376 was published Apr 28, 2025

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed

CVE-2025-46661 was published Apr 28, 2025

A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical.... Moderate Unreviewed

CVE-2025-4022 was published Apr 28, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code... Critical Unreviewed

CVE-2015-2079 was published Apr 28, 2025

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed

CVE-2025-3982 was published Apr 27, 2025

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE... High Unreviewed

CVE-2025-46579 was published Apr 27, 2025

The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-13812 was published Apr 26, 2025

The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to... High Unreviewed

CVE-2025-3491 was published Apr 26, 2025

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in... High Unreviewed

CVE-2024-13808 was published Apr 26, 2025

The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin... High Unreviewed

CVE-2025-2801 was published Apr 26, 2025

The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code... High Unreviewed

CVE-2025-3776 was published Apr 24, 2025

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user... High Unreviewed

CVE-2025-1976 was published Apr 24, 2025

A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR... Moderate Unreviewed

CVE-2025-0618 was published Apr 23, 2025

TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed

CVE-2025-43946 was published Apr 22, 2025

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php... Critical Unreviewed

CVE-2023-43958 was published Apr 22, 2025

NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of... High Unreviewed

CVE-2025-23251 was published Apr 22, 2025

An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-40446 was published Apr 22, 2025

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all... Moderate Unreviewed

CVE-2025-3472 was published Apr 22, 2025

An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade... Critical Unreviewed

CVE-2025-29058 was published Apr 18, 2025

A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2025-3509 was published Apr 18, 2025

Previous 1 2 3 4 5 … 152 153 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,805 advisories