GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,872
Composer 4,778
Erlang 35
GitHub Actions 29
Go 2,334
Maven 5,639
npm 3,966
NuGet 713
pip 3,763
Pub 12
RubyGems 923
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 259,210

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,466 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability classified as critical has been found in letta-ai letta up to 0.4.1. Affected is... Moderate Unreviewed

CVE-2025-6101 was published Jun 16, 2025

XWiki allows remote code execution through default value of wiki macro wiki-type parameters High

CVE-2025-49581 was published for org.xwiki.platform:xwiki-platform-rendering-wikimacro-store (Maven) Jun 13, 2025

Remote code execution that allows unauthorized users to execute arbitrary code on the server... Critical Unreviewed

CVE-2025-29902 was published Jun 13, 2025

Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was... Critical Unreviewed

CVE-2025-30085 was published Jun 11, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in metalpriceapi... Critical Unreviewed

CVE-2025-48140 was published Jun 9, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering... Critical Unreviewed

CVE-2025-48123 was published Jun 9, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in cmoreira Team Showcase... Moderate Unreviewed

CVE-2025-49250 was published Jun 6, 2025

Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed

CVE-2025-41362 was published Jun 6, 2025

Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed

CVE-2025-41365 was published Jun 6, 2025

Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language Moderate

CVE-2025-35036 was published for org.hibernate.validator:hibernate-validator (Maven) Jun 3, 2025

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result... Critical Unreviewed

CVE-2025-32106 was published Jun 3, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... High Unreviewed

CVE-2025-25021 was published Jun 3, 2025

Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution Low

CVE-2025-5321 was published for aim (pip) May 29, 2025

Kea configuration and API directives can be used to load a malicious hook library. Many common... High Unreviewed

CVE-2025-32801 was published May 28, 2025

A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. This... Moderate Unreviewed

CVE-2025-5151 was published May 25, 2025

docarray prototype pollution Moderate

CVE-2025-5150 was published for docarray (pip) May 25, 2025

A vulnerability was found in DedeCMS 5.7.117. It has been classified as critical. Affected is an... Moderate Unreviewed

CVE-2025-5137 was published May 25, 2025

An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-51360 was published May 23, 2025

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed

CVE-2024-13952 was published May 22, 2025

Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials... High Unreviewed

CVE-2025-30172 was published May 22, 2025

SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database... High Unreviewed

CVE-2024-13928 was published May 22, 2025

Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials... High Unreviewed

CVE-2024-9639 was published May 22, 2025

Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator... High Unreviewed

CVE-2024-13929 was published May 22, 2025

A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an attacker with admin privileges... High Unreviewed

CVE-2025-45753 was published May 21, 2025

A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary... High Unreviewed

CVE-2025-45752 was published May 21, 2025

Previous 1 2 3 4 5 … 178 179 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,466 advisories