Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,531 advisories

Loading
snyk Code Injection vulnerability High
CVE-2022-24441 was published for snyk (npm) Jul 6, 2023
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote... High Unreviewed
CVE-2022-43542 was published Dec 12, 2022
A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote... High Unreviewed
CVE-2022-44533 was published Dec 12, 2022
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote... High Unreviewed
CVE-2022-43541 was published Dec 12, 2022
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code... High Unreviewed
CVE-2025-3776 was published Apr 24, 2025
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via... High Unreviewed
CVE-2022-37155 was published Dec 14, 2022
NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of... High Unreviewed
CVE-2025-23251 was published Apr 22, 2025
Pycel allows code injection via a crafted formula High
CVE-2024-53924 was published for pycel (pip) Apr 17, 2025
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40,... High Unreviewed
CVE-2017-16682 was published May 14, 2022
An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated... High Unreviewed
CVE-2017-14198 was published May 13, 2022
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete... High Unreviewed
CVE-2017-16544 was published May 13, 2022
An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists... High Unreviewed
CVE-2017-7411 was published May 14, 2022
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before... High Unreviewed
CVE-2017-16664 was published May 14, 2022
functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to... High Unreviewed
CVE-2014-9463 was published May 17, 2022
PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller... High Unreviewed
CVE-2015-9227 was published May 17, 2022
The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users... High Unreviewed
CVE-2015-0249 was published May 17, 2022
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors... High Unreviewed
CVE-2017-8402 was published May 17, 2022
Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security... High Unreviewed
CVE-2017-6186 was published May 13, 2022
Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a maliciously crafted... High Unreviewed
CVE-2017-4964 was published May 13, 2022
Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux... High Unreviewed
CVE-2016-8020 was published May 17, 2022
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3509 was published Apr 18, 2025
Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run. High Unreviewed
CVE-2025-29661 was published Apr 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-29039 was published Apr 17, 2025
Phoneservice module is affected by code injection vulnerability, successful exploitation of this... High Unreviewed
CVE-2025-1532 was published Apr 17, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real... High Unreviewed
CVE-2025-32596 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database