GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 279,114

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,015 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An... Critical Unreviewed

CVE-2025-46581 was published Oct 14, 2025

An low privileged remote attacker with an account for the Web-based management can change the... High Unreviewed

CVE-2025-41699 was published Oct 14, 2025

SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript... Moderate Unreviewed

CVE-2025-42901 was published Oct 14, 2025

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an... Moderate Unreviewed

CVE-2025-11344 was published Oct 6, 2025

This vulnerability affects Firefox < 143.0.3. High Unreviewed

CVE-2025-11153 was published Sep 30, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in YayCommerce... Moderate Unreviewed

CVE-2025-60114 was published Sep 26, 2025

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown... Moderate Unreviewed

CVE-2025-10993 was published Sep 26, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability High Unreviewed

CVE-2025-59251 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where... High Unreviewed

CVE-2025-23348 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script... High Unreviewed

CVE-2025-23353 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq... High Unreviewed

CVE-2025-23349 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script... High Unreviewed

CVE-2025-23354 was published Sep 24, 2025

An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due... Moderate Unreviewed

CVE-2025-5717 was published Sep 23, 2025

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and... Critical Unreviewed

CVE-2025-9321 was published Sep 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Tareq Hasan WP User... Moderate Unreviewed

CVE-2025-58673 was published Sep 22, 2025

Creacast Creabox Manager 4.4.4 contains a critical Remote Code Execution vulnerability accessible... High Unreviewed

CVE-2025-57439 was published Sep 22, 2025

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute... High Unreviewed

CVE-2025-54815 was published Sep 19, 2025

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-10057 was published Sep 17, 2025

The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection... High Unreviewed

CVE-2025-8417 was published Sep 11, 2025

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed

CVE-2025-9539 was published Sep 9, 2025

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2025-9489 was published Sep 9, 2025

SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw... Critical Unreviewed

CVE-2025-42922 was published Sep 9, 2025

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc. Critical Unreviewed

CVE-2025-57141 was published Sep 8, 2025

The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is... High Unreviewed

CVE-2025-7366 was published Sep 6, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board... Low Unreviewed

CVE-2025-58827 was published Sep 5, 2025

Previous 1…3…161 Next

Previous 1 2 3 4 5 … 160 161 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,015 advisories