GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
847 advisories
In Config Manager, there is a possible command injection due to improper input validation. This...
Critical, Unreviewed. CVE-2021-31575 was published Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical, Unreviewed. CVE-2021-31574 was published Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical, Unreviewed. CVE-2021-31573 was published Feb 7, 2023

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1355 was published Feb 13, 2024

InvokeAI Arbitrary File Deletion vulnerability
Critical. CVE-2024-11042 was published for InvokeAI (pip) Mar 20, 2025

Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate...
Critical, Unreviewed. CVE-2025-29814 was published Mar 21, 2025

A vulnerability in ollama/ollama version 0.1.37 allows for remote code execution (RCE) due to...
Critical, Unreviewed. CVE-2024-7773 was published Mar 20, 2025

SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on...
Critical, Unreviewed. CVE-2024-47857 was published Jan 31, 2025

Microsoft Outlook Elevation of Privilege Vulnerability
Critical, Unreviewed. CVE-2023-23397 was published Mar 14, 2023

An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the...
Critical, Unreviewed. CVE-2021-35370 was published Feb 24, 2023

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9),...
Critical, Unreviewed. CVE-2025-27494 was published Mar 11, 2025

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9),...
Critical, Unreviewed. CVE-2025-27493 was published Mar 11, 2025

Volt Allows RCE Via User-Crafted Requests
Critical. CVE-2025-27517 was published for livewire/volt (Composer) Mar 5, 2025

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512...
Critical, Unreviewed. CVE-2023-24033 was published Mar 13, 2023

Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
Critical, Unreviewed. CVE-2024-36047 was published Feb 28, 2025

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection. This...
Critical, Unreviewed. CVE-2024-7591 was published Sep 5, 2024

Serv-U web login screen was allowing characters that were not sanitized by the authentication...
Critical, Unreviewed. CVE-2021-35247 was published Jan 11, 2022

Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService
Critical. CVE-2023-40743 was published for axis:axis (Maven) Sep 5, 2023

Apache Karaf Cave: Cave SSRF and arbitrary file access
Critical. CVE-2024-34365 was published for org.apache.karaf:cave (Maven) May 14, 2024

Apache Airflow Hive Provider Beeline remote code execution with Principal
Critical. CVE-2023-35797 was published for apache-airflow-providers-apache-hive (pip) Jul 3, 2023

Increasing the resolution of video frames, while performing a multi-threaded encode, can result...
Critical, Unreviewed. CVE-2023-6879 was published Dec 28, 2023

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition...
Critical, Unreviewed. CVE-2022-4427 was published Dec 19, 2022

Prototype Pollution in deep-extend
Critical. CVE-2018-3750 was published for deep-extend (npm) Oct 9, 2018

Arbitrary Code Execution in eslint-utils
Critical. CVE-2019-15657 was published for eslint-utils (npm) Aug 26, 2019

A security vulnerability has been identified in the IBL Software Engineering Visual Weather and...
Critical, Unreviewed. CVE-2025-1077 was published Feb 7, 2025