GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,344
Erlang: 31
GitHub Actions: 22
Go: 2,109
Maven: 5,000+
npm: 3,765
NuGet: 680
pip: 3,453
Pub: 12
RubyGems: 892
Rust: 887
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,473 advisories
Improper control of generation of code in the sourcerer extension for Joomla in versions before...
Severity: Unknown | Unreviewed | CVE-2025-22204 was published Feb 4, 2025

The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution...
Severity: Moderate | Unreviewed | CVE-2024-12415 was published Jan 31, 2025

The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode...
Severity: High | Unreviewed | CVE-2024-13472 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to create arbitrary files on affected...
Severity: High | Unreviewed | CVE-2024-23929 was published Jan 31, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
Severity: High | Unreviewed | CVE-2024-23920 was published Jan 31, 2025

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for...
Severity: High | Unreviewed | CVE-2024-11600 was published Jan 30, 2025

The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is...
Severity: High | Unreviewed | CVE-2024-13453 was published Jan 30, 2025

A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers...
Severity: High | Unreviewed | CVE-2024-10001 was published Jan 29, 2025

A Local Code Injection Vulnerability exists in the product and version listed above. The...
Severity: High | Unreviewed | CVE-2025-24482 was published Jan 28, 2025

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by...
Severity: Moderate | Unreviewed | CVE-2024-40673 was published Jan 28, 2025

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS...
Severity: High | Unreviewed | CVE-2025-24159 was published Jan 28, 2025

The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in...
Severity: High | Unreviewed | CVE-2024-13499 was published Jan 22, 2025

The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in...
Severity: High | Unreviewed | CVE-2024-13495 was published Jan 22, 2025

The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is...
Severity: Critical | Unreviewed | CVE-2024-42936 was published Jan 21, 2025

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to...
Severity: Moderate | Unreviewed | CVE-2024-10970 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform...
Severity: Critical | Unreviewed | CVE-2025-22912 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName...
Severity: Critical | Unreviewed | CVE-2025-22906 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter...
Severity: Critical | Unreviewed | CVE-2025-22905 was published Jan 16, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7...
Severity: High | Unreviewed | CVE-2024-27856 was published Jan 15, 2025

An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH...
Severity: Critical | Unreviewed | CVE-2025-22968 was published Jan 15, 2025

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a...
Severity: High | Unreviewed | CVE-2024-50954 was published Jan 15, 2025

ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi...
Severity: High | Unreviewed | CVE-2024-42911 was published Jan 15, 2025

An authenticated parameter injection vulnerability exists in the web-based management interface...
Severity: High | Unreviewed | CVE-2025-23051 was published Jan 14, 2025

Windows Search Service Elevation of Privilege Vulnerability
Severity: High | Unreviewed | CVE-2025-21292 was published Jan 14, 2025

Microsoft Power Automate Remote Code Execution Vulnerability
Severity: High | Unreviewed | CVE-2025-21187 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API.