GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
642 advisories
xunruicms <=4.5.1 is vulnerable to Remote Code Execution.
Critical | Unreviewed | CVE-2021-38243 was published Sep 27, 2023

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request may result...
Critical | Unreviewed | CVE-2025-32106 was published Jun 3, 2025

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS...
Critical | Unreviewed | CVE-2025-28386 was published Jun 13, 2025

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection...
Critical | Unreviewed | CVE-2024-23692 was published May 31, 2024

An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute...
Critical | Unreviewed | CVE-2023-50488 was published Feb 2, 2024

Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote...
Critical | Unreviewed | CVE-2022-45699 was published Feb 10, 2023

Remote code execution that allows unauthorized users to execute arbitrary code on the server...
Critical | Unreviewed | CVE-2025-29902 was published Jun 13, 2025

Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical | Unreviewed | CVE-2024-48359 was published Oct 31, 2024

An issue discovered in OpenRemote through 1.0.4 allows attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2022-31860 was published Sep 7, 2022

Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was...
Critical | Unreviewed | CVE-2025-30085 was published Jun 11, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering...
Critical | Unreviewed | CVE-2025-48123 was published Jun 9, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in metalpriceapi...
Critical | Unreviewed | CVE-2025-48140 was published Jun 9, 2025

An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to execute arbitrary code via the /files...
Critical | Unreviewed | CVE-2024-22988 was published Feb 24, 2024

Weaver Ecology v9* was discovered to contain a SQL injection vulnerability.
Critical | Unreviewed | CVE-2024-48070 was published Nov 19, 2024

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2024-23741 was published Jan 28, 2024

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in...
Critical | Unreviewed | CVE-2022-1609 was published Jan 16, 2024

Windows Network File System Remote Code Execution Vulnerability.
Critical | Unreviewed | CVE-2022-34715 was published Aug 10, 2022

An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-51360 was published May 23, 2025

In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.
Critical | Unreviewed | CVE-2022-41138 was published Sep 21, 2022

Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE)...
Critical | Unreviewed | CVE-2023-48085 was published Dec 14, 2023

A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0...
Critical | Unreviewed | CVE-2025-44881 was published May 20, 2025

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the...
Critical | Unreviewed | CVE-2025-26845 was published May 8, 2025

mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target...
Critical | Unreviewed | CVE-2025-32363 was published May 14, 2025

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code...
Critical | Unreviewed | CVE-2015-2079 was published Apr 28, 2025