Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,794 advisories

Loading
Improper Control of Generation of Code ('Code Injection') vulnerability in cmoreira Team Showcase... Moderate Unreviewed
CVE-2025-49250 was published Jun 6, 2025
Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed
CVE-2025-41362 was published Jun 6, 2025
Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed
CVE-2025-41365 was published Jun 6, 2025
Weaver Ecology v9* was discovered to contain a SQL injection vulnerability. Critical Unreviewed
CVE-2024-48070 was published Nov 19, 2024
Remote code execution Critical Unreviewed
CVE-2022-42541 was published Nov 30, 2023
An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary... Critical Unreviewed
CVE-2024-23741 was published Jan 28, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... High Unreviewed
CVE-2025-25021 was published Jun 3, 2025
In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result... Critical Unreviewed
CVE-2025-32106 was published Jun 3, 2025
A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. This... Moderate Unreviewed
CVE-2025-5151 was published May 25, 2025
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2024-32358 was published Apr 25, 2024
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in... Critical Unreviewed
CVE-2022-1609 was published Jan 16, 2024
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022... High Unreviewed
CVE-2022-35773 was published Aug 10, 2022
Windows Network File System Remote Code Execution Vulnerability. Critical Unreviewed
CVE-2022-34715 was published Aug 10, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-35767 was published Aug 10, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-34714 was published Aug 10, 2022
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-51360 was published May 23, 2025
HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker... Moderate Unreviewed
CVE-2023-37518 was published Jan 30, 2024
In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution. Critical Unreviewed
CVE-2022-41138 was published Sep 21, 2022
Kea configuration and API directives can be used to load a malicious hook library. Many common... High Unreviewed
CVE-2025-32801 was published May 28, 2025
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to... High Unreviewed
CVE-2022-28640 was published Sep 21, 2022
A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary... High Unreviewed
CVE-2025-45752 was published May 21, 2025
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed
CVE-2024-13952 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials... High Unreviewed
CVE-2024-9639 was published May 22, 2025
SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database... High Unreviewed
CVE-2024-13928 was published May 22, 2025
Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials... High Unreviewed
CVE-2025-30172 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database