GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,884

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,032 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where... High Unreviewed

CVE-2025-23348 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script... High Unreviewed

CVE-2025-23353 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq... High Unreviewed

CVE-2025-23349 was published Sep 24, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script... High Unreviewed

CVE-2025-23354 was published Sep 24, 2025

An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due... Moderate Unreviewed

CVE-2025-5717 was published Sep 23, 2025

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and... Critical Unreviewed

CVE-2025-9321 was published Sep 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Tareq Hasan WP User... Moderate Unreviewed

CVE-2025-58673 was published Sep 22, 2025

Creacast Creabox Manager 4.4.4 contains a critical Remote Code Execution vulnerability accessible... High Unreviewed

CVE-2025-57439 was published Sep 22, 2025

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute... High Unreviewed

CVE-2025-54815 was published Sep 19, 2025

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-10057 was published Sep 17, 2025

The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection... High Unreviewed

CVE-2025-8417 was published Sep 11, 2025

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed

CVE-2025-9539 was published Sep 9, 2025

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode... Moderate Unreviewed

CVE-2025-9489 was published Sep 9, 2025

SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw... Critical Unreviewed

CVE-2025-42922 was published Sep 9, 2025

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc. Critical Unreviewed

CVE-2025-57141 was published Sep 8, 2025

The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is... High Unreviewed

CVE-2025-7366 was published Sep 6, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board... Low Unreviewed

CVE-2025-58827 was published Sep 5, 2025

The atec Debug plugin for WordPress is vulnerable to remote code execution in all versions up to,... High Unreviewed

CVE-2025-9517 was published Sep 4, 2025

The Easy Timer plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,... High Unreviewed

CVE-2025-9519 was published Sep 4, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube... High Unreviewed

CVE-2025-54731 was published Aug 28, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy... Critical Unreviewed

CVE-2025-48100 was published Aug 28, 2025

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18... Moderate Unreviewed

CVE-2025-5101 was published Aug 27, 2025

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution... Critical Unreviewed

CVE-2025-34159 was published Aug 27, 2025

In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command... Critical Unreviewed

CVE-2025-30057 was published Aug 27, 2025

The RunCommand function accepts any parameter, which is then passed for execution in the shell.... Critical Unreviewed

CVE-2025-30056 was published Aug 27, 2025

Previous 1…4…162 Next

Previous 1 2 3 4 5 6 … 161 162 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,032 advisories