Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,752
Maven
5,000+
npm
4,357
NuGet
765
pip
4,121
Pub
12
RubyGems
961
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,032 advisories

Loading
In the Print.pl service, the "uhcPrintServerPrint" function allows execution of arbitrary code... Critical Unreviewed
CVE-2025-2313 was published Aug 27, 2025
The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is... Critical Unreviewed
CVE-2025-30055 was published Aug 27, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where... High Unreviewed
CVE-2025-23314 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy... High Unreviewed
CVE-2025-23315 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services... High Unreviewed
CVE-2025-23312 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where... High Unreviewed
CVE-2025-23313 was published Aug 26, 2025
NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by... High Unreviewed
CVE-2025-23307 was published Aug 26, 2025
SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text... High Unreviewed
CVE-2025-52218 was published Aug 26, 2025
Delta Electronics COMMGR has Code Injection vulnerability. High Unreviewed
CVE-2025-53419 was published Aug 26, 2025
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield... Critical Unreviewed
CVE-2022-31491 was published Aug 22, 2025
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated... Critical Unreviewed
CVE-2024-52786 was published Aug 22, 2025
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed... High Unreviewed
CVE-2010-20120 was published Aug 21, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... Moderate Unreviewed
CVE-2025-54019 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed
CVE-2025-53577 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed
CVE-2025-48169 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom... High Unreviewed
CVE-2025-30975 was published Aug 20, 2025
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to... Critical Unreviewed
CVE-2025-8723 was published Aug 19, 2025
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-8105 was published Aug 16, 2025
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed
CVE-2025-8878 was published Aug 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS... Moderate Unreviewed
CVE-2025-7961 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE... Moderate Unreviewed
CVE-2025-54466 was published Aug 15, 2025
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all... Moderate Unreviewed
CVE-2025-8905 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML... Critical Unreviewed
CVE-2025-49887 was published Aug 14, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer... Moderate Unreviewed
CVE-2025-39483 was published Aug 14, 2025
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The... Critical Unreviewed
CVE-2011-10018 was published Aug 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database