GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
929 advisories
A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2025-7101 was published Jul 7, 2025
The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode...
Moderate
Unreviewed
CVE-2025-9489 was published Sep 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18...
Moderate
Unreviewed
CVE-2025-5101 was published Aug 27, 2025
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43393 was published Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43392 was published Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43391 was published Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the ospf service through...
Moderate
Unreviewed
CVE-2024-43389 was published Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43390 was published Sep 10, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone...
Moderate
Unreviewed
CVE-2025-54019 was published Aug 20, 2025
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &...
Moderate
Unreviewed
CVE-2025-8878 was published Aug 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE...
Moderate
Unreviewed
CVE-2025-54466 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS...
Moderate
Unreviewed
CVE-2025-7961 was published Aug 15, 2025
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all...
Moderate
Unreviewed
CVE-2025-8905 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer...
Moderate
Unreviewed
CVE-2025-39483 was published Aug 14, 2025
SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker...
Moderate
Unreviewed
CVE-2025-42945 was published Aug 12, 2025
An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4...
Moderate
Unreviewed
CVE-2025-54940 was published Aug 8, 2025
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug...
Moderate
Unreviewed
CVE-2024-20359 was published Apr 24, 2024
SAP FICA ODN framework allows a high privileged user to inject value inside the local variable...
Moderate
Unreviewed
CVE-2025-42947 was published Jul 23, 2025
A locally authenticated, privileged user can craft a malicious OpenSSL configuration file,...
Moderate
Unreviewed
CVE-2025-0664 was published Jul 21, 2025
An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of...
Moderate
Unreviewed
CVE-2025-46000 was published Jul 18, 2025
A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown...
Moderate
Unreviewed
CVE-2024-12900 was published Dec 23, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory...
Moderate
Unreviewed
CVE-2024-7650 was published Jul 10, 2025
A vulnerability allowing local system users to modify directory contents, allowing for arbitrary...
Moderate
Unreviewed
CVE-2025-24287 was published Jun 19, 2025
A vulnerability, which was classified as problematic, was found in wix-incubator jam up to...
Moderate
Unreviewed
CVE-2025-3841 was published Apr 21, 2025
An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate...
Moderate
Unreviewed
CVE-2023-51820 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API