Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

635 advisories

Loading
An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-42733 was published Mar 7, 2025
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index... Critical Unreviewed
CVE-2025-25789 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27678 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27657 was published Mar 5, 2025
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows... Critical Unreviewed
CVE-2024-50707 was published Mar 4, 2025
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows... Critical Unreviewed
CVE-2024-50704 was published Mar 4, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ark Theme... Critical Unreviewed
CVE-2025-26970 was published Mar 3, 2025
ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows... Critical Unreviewed
CVE-2025-27554 was published Mar 1, 2025
An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior... Critical Unreviewed
CVE-2024-41339 was published Feb 27, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... Critical Unreviewed
CVE-2024-41334 was published Feb 27, 2025
An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0... Critical Unreviewed
CVE-2024-53944 was published Feb 27, 2025
A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-26014 was published Feb 21, 2025
Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand... Critical Unreviewed
CVE-2025-25675 was published Feb 21, 2025
A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1... Critical Unreviewed
CVE-2024-54756 was published Feb 21, 2025
SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to... Critical Unreviewed
CVE-2024-57401 was published Feb 20, 2025
Insufficient tracking and releasing of allocated used memory in libx264 git master allows... Critical Unreviewed
CVE-2025-25467 was published Feb 19, 2025
Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before... Critical Unreviewed
CVE-2024-10644 was published Feb 11, 2025
An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and... Critical Unreviewed
CVE-2024-57707 was published Feb 7, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in WPSpins Post/Page... Critical Unreviewed
CVE-2025-24677 was published Feb 4, 2025
A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an... Critical Unreviewed
CVE-2025-1011 was published Feb 4, 2025
Improper control of generation of code in the sourcerer extension for Joomla in versions before... Critical Unreviewed
CVE-2025-22204 was published Feb 4, 2025
ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by... Critical Unreviewed
CVE-2024-57099 was published Feb 3, 2025
In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a... Critical Unreviewed
CVE-2024-49747 was published Jan 22, 2025
A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed
CVE-2024-24421 was published Jan 22, 2025
The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is... Critical Unreviewed
CVE-2024-42936 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database