GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,381
Composer 4,822
Erlang 36
GitHub Actions 32
Go 2,413
Maven 5,809
npm 4,052
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,828

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

671 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index... Critical Unreviewed

CVE-2025-50707 was published Aug 5, 2025

The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured... Critical Unreviewed

CVE-2025-51387 was published Aug 4, 2025

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the... Critical Unreviewed

CVE-2025-46059 was published Jul 29, 2025

A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience... Critical Unreviewed

CVE-2025-34138 was published Jul 25, 2025

An issue in Gardyn 4 allows a remote attacker execute arbitrary code Critical Unreviewed

CVE-2025-29631 was published Jul 25, 2025

Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL. Critical Unreviewed

CVE-2025-53867 was published Jul 17, 2025

A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe... Critical Unreviewed

CVE-2016-15044 was published Jul 24, 2025

A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1... Critical Unreviewed

CVE-2018-25114 was published Jul 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics... Critical Unreviewed

CVE-2025-54451 was published Jul 23, 2025

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up... Critical Unreviewed

CVE-2025-5396 was published Jul 17, 2025

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a... Critical Unreviewed

CVE-2025-34127 was published Jul 17, 2025

The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to... Critical Unreviewed

CVE-2025-5392 was published Jul 11, 2025

An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute... Critical Unreviewed

CVE-2023-48978 was published Jun 23, 2025

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that... Critical Unreviewed

CVE-2025-34077 was published Jul 9, 2025

Insufficient security mechanisms for created containers in educoder challenges v1.0 allow... Critical Unreviewed

CVE-2025-45479 was published Jul 7, 2025

SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This... Critical Unreviewed

CVE-2025-42967 was published Jul 8, 2025

Remote attackers can execute arbitrary code in the context of the vulnerable service process. Critical Unreviewed

CVE-2025-5333 was published Jul 6, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy... Critical Unreviewed

CVE-2025-49302 was published Jul 4, 2025

An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote... Critical Unreviewed

CVE-2025-34089 was published Jul 3, 2025

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2025-34061 was published Jul 3, 2025

An authenticated remote code execution vulnerability exists in Lucee’s administrative interface... Critical Unreviewed

CVE-2025-34074 was published Jul 2, 2025

A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0... Critical Unreviewed

CVE-2025-37099 was published Jul 1, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom... Critical Unreviewed

CVE-2025-49029 was published Jul 1, 2025

An unauthenticated file upload vulnerability exists in the Fanwei E-Office <= v9.4 web management... Critical Unreviewed

CVE-2025-34046 was published Jun 26, 2025

An issue in mmzdev KnowledgeGPT V.0.0.5 allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-37743 was published Jun 24, 2025

Previous 1 2 3 4 5 … 26 27 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

671 advisories