GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,750; Erlang 35; GitHub Actions 29; Go 2,323; Maven 5,000+; npm 3,956; NuGet 712; pip 3,739; Pub 12; RubyGems 921; Rust 973; Swift 38
Unreviewed advisories: All unreviewed 5,000+
2,531 advisories

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0...
High, Unreviewed. CVE-2025-25021 was published Jun 3, 2025

An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted...
High, Unreviewed. CVE-2024-32358 was published Apr 25, 2024

XStream is vulnerable to a Remote Command Execution attack
High. CVE-2021-29505 was published for com.thoughtworks.xstream:xstream (Maven) May 18, 2021

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022...
High, Unreviewed. CVE-2022-35773 was published Aug 10, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID...
High, Unreviewed. CVE-2022-35767 was published Aug 10, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID...
High, Unreviewed. CVE-2022-34714 was published Aug 10, 2022

Kea configuration and API directives can be used to load a malicious hook library. Many common...
High, Unreviewed. CVE-2025-32801 was published May 28, 2025

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to...
High, Unreviewed. CVE-2022-28640 was published Sep 21, 2022

A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary...
High, Unreviewed. CVE-2025-45752 was published May 21, 2025

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential...
High, Unreviewed. CVE-2024-13952 was published May 22, 2025

Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials...
High, Unreviewed. CVE-2024-9639 was published May 22, 2025

SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database...
High, Unreviewed. CVE-2024-13928 was published May 22, 2025

Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials...
High, Unreviewed. CVE-2025-30172 was published May 22, 2025

Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator...
High, Unreviewed. CVE-2024-13929 was published May 22, 2025

A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an attacker with admin privileges...
High, Unreviewed. CVE-2025-45753 was published May 21, 2025

An issue in Valvesoftware Steam Client Steam Client 1738026274 allows attackers to escalate...
High, Unreviewed. CVE-2025-27998 was published May 21, 2025

Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an...
High, Unreviewed. CVE-2022-40497 was published Sep 29, 2022

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to...
High, Unreviewed. CVE-2022-40486 was published Sep 29, 2022

Gridea version 0.9.3 allows an external attacker to execute arbitrary code remotely on any client...
High, Unreviewed. CVE-2022-40274 was published Oct 1, 2022

Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store
High. CVE-2025-46725 was published for langroid (pip) May 20, 2025

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to...
High, Unreviewed. CVE-2024-54780 was published May 14, 2025

In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code...
High, Unreviewed. CVE-2022-42902 was published Oct 13, 2022

iKuai8 v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability.
High, Unreviewed. CVE-2022-40469 was published Oct 12, 2022

Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload...
High, Unreviewed. CVE-2022-41534 was published Oct 14, 2022

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is...
High, Unreviewed. CVE-2025-3053 was published May 15, 2025

ProTip! Advisories are also available from the GraphQL API.