GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,895
Composer 4,779
Erlang 36
GitHub Actions 29
Go 2,338
Maven 5,642
npm 3,972
NuGet 714
pip 3,769
Pub 12
RubyGems 923
Rust 976
Swift 38

Unreviewed advisories

All unreviewed 259,812

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

642 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS... Critical Unreviewed

CVE-2025-28386 was published Jun 13, 2025

Remote code execution that allows unauthorized users to execute arbitrary code on the server... Critical Unreviewed

CVE-2025-29902 was published Jun 13, 2025

Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was... Critical Unreviewed

CVE-2025-30085 was published Jun 11, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in metalpriceapi... Critical Unreviewed

CVE-2025-48140 was published Jun 9, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering... Critical Unreviewed

CVE-2025-48123 was published Jun 9, 2025

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result... Critical Unreviewed

CVE-2025-32106 was published Jun 3, 2025

An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-51360 was published May 23, 2025

A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0... Critical Unreviewed

CVE-2025-44881 was published May 20, 2025

mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target... Critical Unreviewed

CVE-2025-32363 was published May 14, 2025

EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2025-45857 was published May 13, 2025

An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin... Critical Unreviewed

CVE-2025-44022 was published May 12, 2025

Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management... Critical Unreviewed

CVE-2025-46191 was published May 9, 2025

Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed

CVE-2025-29509 was published May 9, 2025

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Critical Unreviewed

CVE-2025-28203 was published May 9, 2025

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed

CVE-2025-26845 was published May 8, 2025

SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2025-44071 was published May 6, 2025

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary... Critical Unreviewed

CVE-2025-45947 was published Apr 28, 2025

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed

CVE-2025-46661 was published Apr 28, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code... Critical Unreviewed

CVE-2015-2079 was published Apr 28, 2025

TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed

CVE-2025-43946 was published Apr 22, 2025

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php... Critical Unreviewed

CVE-2023-43958 was published Apr 22, 2025

An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-40446 was published Apr 22, 2025

An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade... Critical Unreviewed

CVE-2025-29058 was published Apr 18, 2025

A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated... Critical Unreviewed

CVE-2025-29662 was published Apr 17, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post... Critical Unreviewed

CVE-2025-32583 was published Apr 17, 2025

Previous 1 2 3 4 5 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

642 advisories