GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,639

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,760 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Spree Commerce is vulnerable to RCE through Search API Critical

CVE-2011-10026 was published for rd_searchlogic (RubyGems) Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... Moderate Unreviewed

CVE-2025-54019 was published Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed

CVE-2025-53577 was published Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed

CVE-2025-48169 was published Aug 20, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom... High Unreviewed

CVE-2025-30975 was published Aug 20, 2025

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to... Critical Unreviewed

CVE-2025-8723 was published Aug 19, 2025

The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed

CVE-2025-8105 was published Aug 16, 2025

The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed

CVE-2025-8878 was published Aug 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS... Moderate Unreviewed

CVE-2025-7961 was published Aug 15, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE... Moderate Unreviewed

CVE-2025-54466 was published Aug 15, 2025

The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all... Moderate Unreviewed

CVE-2025-8905 was published Aug 15, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML... Critical Unreviewed

CVE-2025-49887 was published Aug 14, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer... Moderate Unreviewed

CVE-2025-39483 was published Aug 14, 2025

Duplicate Advisory: Flowise vulnerable to RCE via Dynamic function constructor injection Critical

GHSA-q4xx-mc3q-23x8 was published for flowise (npm) Aug 14, 2025 • withdrawn

myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The... Critical Unreviewed

CVE-2011-10018 was published Aug 13, 2025

Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its... Critical Unreviewed

CVE-2011-10019 was published Aug 13, 2025

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where... Critical Unreviewed

CVE-2011-10011 was published Aug 13, 2025

Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common... Critical Unreviewed

CVE-2011-10013 was published Aug 13, 2025

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component,... High Unreviewed

CVE-2025-23304 was published Aug 13, 2025

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an... High Unreviewed

CVE-2025-23296 was published Aug 13, 2025

NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker... High Unreviewed

CVE-2025-23295 was published Aug 13, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments... High Unreviewed

CVE-2025-23306 was published Aug 13, 2025

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency,... High Unreviewed

CVE-2025-23298 was published Aug 13, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an... High Unreviewed

CVE-2025-23305 was published Aug 13, 2025

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2025-52385 was published Aug 13, 2025

Previous 1…7…191 Next

Previous 1 2 … 5 6 7 8 9 … 190 191 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,760 advisories