Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,721
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,946
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,440 advisories

Loading
Kea configuration and API directives can be used to load a malicious hook library. Many common... High Unreviewed
CVE-2025-32801 was published May 28, 2025
docarray prototype pollution Moderate
CVE-2025-5150 was published for docarray (pip) May 25, 2025
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed
CVE-2024-13952 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials... High Unreviewed
CVE-2024-9639 was published May 22, 2025
Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator... High Unreviewed
CVE-2024-13929 was published May 22, 2025
SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database... High Unreviewed
CVE-2024-13928 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials... High Unreviewed
CVE-2025-30172 was published May 22, 2025
A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an attacker with admin privileges... High Unreviewed
CVE-2025-45753 was published May 21, 2025
A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary... High Unreviewed
CVE-2025-45752 was published May 21, 2025
An issue in Valvesoftware Steam Client Steam Client 1738026274 allows attackers to escalate... High Unreviewed
CVE-2025-27998 was published May 21, 2025
A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0... Critical Unreviewed
CVE-2025-44881 was published May 20, 2025
Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store High
CVE-2025-46725 was published for langroid (pip) May 20, 2025
SCH227
Langroid has a Code Injection vulnerability in TableChatAgent Critical
CVE-2025-46724 was published for langroid (pip) May 20, 2025
SCH227
Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite... Moderate Unreviewed
CVE-2025-48120 was published May 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP... Moderate Unreviewed
CVE-2025-48119 was published May 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG... Moderate Unreviewed
CVE-2025-47562 was published May 16, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-3053 was published May 15, 2025
mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target... Critical Unreviewed
CVE-2025-32363 was published May 14, 2025
A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed
CVE-2025-0134 was published May 14, 2025
Cosmos EVM Allows Partial Precompile State Writes High
GHSA-mjfq-3qr2-6g84 was published for github.com/cosmos/evm (Go) May 14, 2025
Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to... High Unreviewed
CVE-2024-54780 was published May 14, 2025
Apache IoTDB Vulnerable to Remote Code Execution Critical
CVE-2024-24780 was published for org.apache.iotdb:iotdb-core (Maven) May 14, 2025
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on... High Unreviewed
CVE-2025-4428 was published May 13, 2025
EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2025-45857 was published May 13, 2025
SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an... High Unreviewed
CVE-2025-43010 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database