GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,904
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,711
Maven 6,141
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,899

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

946 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation... Moderate Unreviewed

CVE-2025-37157 was published Nov 18, 2025

In Apache CloudStack improper control of generation of code ('Code Injection') vulnerability is... Moderate Unreviewed

CVE-2025-59302 was published Nov 27, 2025

The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks... Moderate Unreviewed

CVE-2025-63693 was published Nov 18, 2025

The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is... Moderate Unreviewed

CVE-2025-7711 was published Nov 18, 2025

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of... Moderate Unreviewed

CVE-2024-48829 was published Nov 12, 2025

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a... Moderate Unreviewed

CVE-2025-42895 was published Nov 11, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE... Moderate Unreviewed

CVE-2025-54466 was published Aug 15, 2025

PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which... Moderate Unreviewed

CVE-2023-51331 was published Feb 20, 2025

PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name,... Moderate Unreviewed

CVE-2023-51317 was published Feb 20, 2025

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which... Moderate Unreviewed

CVE-2023-51320 was published Feb 20, 2025

PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which... Moderate Unreviewed

CVE-2023-51324 was published Feb 20, 2025

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute... Moderate Unreviewed

CVE-2023-51797 was published Apr 19, 2024

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows.... Moderate Unreviewed

CVE-2024-27793 was published May 14, 2024

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code.... Moderate Unreviewed

CVE-2023-39333 was published Sep 7, 2024

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly... Moderate Unreviewed

CVE-2024-6923 was published Aug 1, 2024

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed

CVE-2023-6604 was published Jan 6, 2025

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed

CVE-2023-6601 was published Jan 6, 2025

A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept... Moderate Unreviewed

CVE-2025-8848 was published Oct 22, 2025

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2025-8483 was published Oct 25, 2025

A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the... Moderate Unreviewed

CVE-2025-11905 was published Oct 17, 2025

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed

CVE-2024-8069 was published Nov 12, 2024

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug... Moderate Unreviewed

CVE-2024-20359 was published Apr 24, 2024

[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ... Moderate Unreviewed

CVE-2023-6548 was published Jan 17, 2024

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up... Moderate Unreviewed

CVE-2021-22204 was published May 24, 2022

A code injection vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker to... Moderate Unreviewed

CVE-2020-8218 was published May 24, 2022

Previous1…38 Next

Previous 1 2 3 4 5 … 37 38 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

946 advisories