GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by...
Critical | Unreviewed | CVE-2011-10015 was published Aug 13, 2025
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection...
Critical | Unreviewed | CVE-2012-10059 was published Aug 13, 2025
Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php...
Critical | Unreviewed | CVE-2011-10017 was published Aug 13, 2025
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to...
Critical | Unreviewed | CVE-2011-10010 was published Aug 13, 2025
WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where...
Critical | Unreviewed | CVE-2011-10011 was published Aug 13, 2025
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common...
Critical | Unreviewed | CVE-2011-10013 was published Aug 13, 2025
Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when...
Critical | Unreviewed | CVE-2011-10016 was published Aug 13, 2025
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is...
Critical | Unreviewed | CVE-2025-8904 was published Aug 13, 2025
Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to...
Critical | Unreviewed | CVE-2025-34153 was published Aug 13, 2025
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that...
Critical | Unreviewed | CVE-2021-35393 was published May 24, 2022
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....
Critical | Unreviewed | CVE-2022-1292 was published May 4, 2022
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the...
Critical | Unreviewed | CVE-2025-6715 was published Aug 13, 2025
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:...
Critical | Unreviewed | CVE-2017-3248 was published May 14, 2022
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability,...
Critical | Unreviewed | CVE-2025-8913 was published Aug 13, 2025
A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function...
Critical | Unreviewed | CVE-2025-8760 was published Aug 13, 2025
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2025-7384 was published Aug 13, 2025
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to...
Critical | Unreviewed | CVE-2025-49457 was published Aug 13, 2025
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain...
Critical | Unreviewed | CVE-2023-43029 was published Mar 21, 2025
Prototype Pollution in lodash
Critical | CVE-2019-10744 was published for lodash (RubyGems) Jul 10, 2019
ExecuTorch out-of-bounds access vulnerability
Critical | CVE-2025-54950 was published for executorch (pip) Aug 8, 2025
ExecuTorch vulnerable to Heap-based Buffer Overflow
Critical | CVE-2025-54951 was published for executorch (pip) Aug 8, 2025
ExecuTorch heap buffer overflow vulnerability
Critical | CVE-2025-54949 was published for executorch (pip) Aug 8, 2025
ExecuTorch integer overflow vulnerability
Critical | CVE-2025-30405 was published for executorch (pip) Aug 8, 2025
ExecuTorch integer overflow vulnerability
Critical | CVE-2025-30404 was published for executorch (pip) Aug 8, 2025
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a...
Critical | Unreviewed | CVE-2025-53766 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API