Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,942 advisories

Loading
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10057 was published Sep 17, 2025
An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when... High Unreviewed
CVE-2025-34079 was published Jul 2, 2025
A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-7101 was published Jul 7, 2025
The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection... High Unreviewed
CVE-2025-8417 was published Sep 11, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed
CVE-2025-9539 was published Sep 9, 2025
The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed
CVE-2025-9489 was published Sep 9, 2025
SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw... Critical Unreviewed
CVE-2025-42922 was published Sep 9, 2025
rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc. Critical Unreviewed
CVE-2025-57141 was published Sep 8, 2025
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is... High Unreviewed
CVE-2025-7366 was published Sep 6, 2025
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers... High Unreviewed
CVE-2024-10001 was published Jan 29, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board... Low Unreviewed
CVE-2025-58827 was published Sep 5, 2025
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3509 was published Apr 18, 2025
The atec Debug plugin for WordPress is vulnerable to remote code execution in all versions up to,... High Unreviewed
CVE-2025-9517 was published Sep 4, 2025
The Easy Timer plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,... High Unreviewed
CVE-2025-9519 was published Sep 4, 2025
A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature,... High Unreviewed
CVE-2024-51941 was published Jan 22, 2025
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE... High Unreviewed
CVE-2020-17141 was published May 24, 2022
, aka 'Visual Studio Remote Code Execution Vulnerability'. High Unreviewed
CVE-2020-17156 was published May 24, 2022
, aka 'Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution... High Unreviewed
CVE-2020-17158 was published May 24, 2022
, aka 'Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution... High Unreviewed
CVE-2020-17152 was published May 24, 2022
, aka 'Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability'. High Unreviewed
CVE-2020-17159 was published May 24, 2022
, aka 'Visual Studio Code Remote Code Execution Vulnerability'. High Unreviewed
CVE-2020-17150 was published May 24, 2022
, aka 'Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability'. High Unreviewed
CVE-2020-17148 was published May 24, 2022
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2020-17132 was published May 24, 2022
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2020-17142 was published May 24, 2022
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE... High Unreviewed
CVE-2020-17144 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database