GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,095 advisories

File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2021-3267 was published Apr 4, 2023

AMI SPx contains a vulnerability in the BMC where a User may cause an improper control of...
High | Unreviewed | CVE-2023-34330 was published Jul 18, 2023

An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to...
High | Unreviewed | CVE-2023-27770 was published Apr 4, 2023

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-13346 was published Feb 13, 2025

The Avada Builder plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High | Unreviewed | CVE-2024-13345 was published Feb 13, 2025

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE)...
High | Unreviewed | CVE-2023-26817 was published Apr 7, 2023

On Linux, Node.js ignores certain environment variables if those may have been set by an...
High | Unreviewed | CVE-2024-21892 was published Feb 20, 2024

Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), :...
High | Unreviewed | CVE-2024-48962 was published Nov 18, 2024

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS...
High | Unreviewed | CVE-2024-27859 was published Feb 10, 2025

An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2024-57609 was published Feb 7, 2025

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and...
High | Unreviewed | CVE-2015-1635 was published May 14, 2022

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to...
High | Unreviewed | CVE-2017-8759 was published May 14, 2022

Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape...
High | Unreviewed | CVE-2023-30638 was published Apr 14, 2023

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote...
High | Unreviewed | CVE-2019-9082 was published May 13, 2022

The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions...
High | Unreviewed | CVE-2024-7419 was published Feb 7, 2025

The CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run...
High | Unreviewed | CVE-2024-13487 was published Feb 6, 2025

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote...
High | Unreviewed | CVE-2025-25246 was published Feb 5, 2025

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
High | Unreviewed | CVE-2020-8644 was published May 24, 2022

Unraid through 6.8.0 allows Remote Code Execution.
High | Unreviewed | CVE-2020-5847 was published May 24, 2022

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter...
High | Unreviewed | CVE-2019-16759 was published May 24, 2022

ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi...
High | Unreviewed | CVE-2024-42911 was published Jan 15, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2024-23920 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to create arbitrary files on affected...
High | Unreviewed | CVE-2024-23929 was published Jan 31, 2025

A remote code execution (RCE) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10...
High | Unreviewed | CVE-2024-53561 was published Jan 14, 2025

The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode...
High | Unreviewed | CVE-2024-13472 was published Jan 31, 2025

ProTip! Advisories are also available from the GraphQL API.