GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,487

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

142 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-5762 was published Aug 21, 2024

The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2024-8252 was published Aug 30, 2024

Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server... High Unreviewed

CVE-2024-43690 was published Sep 11, 2024

The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init... High Unreviewed

CVE-2024-45416 was published Sep 16, 2024

Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component... High Unreviewed

CVE-2022-49038 was published Sep 26, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-49243 was published Oct 18, 2024

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an... Critical Unreviewed

CVE-2024-9537 was published Oct 18, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-50497 was published Oct 28, 2024

The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does... High Unreviewed

CVE-2024-48336 was published Nov 4, 2024

An issue was discovered in the Webmail Classic UI in Zimbra Collaboration (ZCS) 9.0 and 10.0 and... High Unreviewed

CVE-2024-54663 was published Dec 20, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed

CVE-2024-56216 was published Dec 31, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2024-49649 was published Jan 7, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-53800 was published Jan 7, 2025

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an... Critical Unreviewed

CVE-2025-0982 was published Feb 6, 2025

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... High Unreviewed

CVE-2024-13353 was published Feb 21, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27668 was published Mar 5, 2025

Kedro allows Remote Code Execution by Pulling Micro Packages High

CVE-2024-12215 was published for kedro (pip) Mar 20, 2025

An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B... High Unreviewed

CVE-2024-45482 was published Mar 25, 2025

A flaw was found in Yelp. The Gnome user help application allows the help document to execute... Moderate Unreviewed

CVE-2025-3155 was published Apr 3, 2025

In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-33026 was published Apr 15, 2025

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This... Moderate Unreviewed

CVE-2025-33027 was published Apr 15, 2025

A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated,... High Unreviewed

CVE-2025-20236 was published Apr 16, 2025

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd... Moderate Unreviewed

CVE-2024-52976 was published May 1, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-39507 was published May 16, 2025

@nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests Critical

CVE-2025-36852 was published for @nx/azure-cache (npm) Jun 10, 2025

Previous 1…56 Next

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

142 advisories