GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,757
Maven: 5,000+
npm: 4,363
NuGet: 766
pip: 4,128
Pub: 12
RubyGems: 961
Rust: 1,070
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,765 advisories
FlowiseAI Pre-Auth Arbitrary Code Execution
Critical • CVE-2025-57164 was published for flowise (npm) • Sep 15, 2025

Withdrawn Advisory: Gradio was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py
Critical • CVE-2024-39236 was published for Gradio (pip) • Jul 1, 2024 • withdrawn

An issue in Senayan Library Management System (SLiMS) 9 Bulian v.9.6.1 allows a remote attacker...
High • Unreviewed • CVE-2025-61488 was published • Oct 20, 2025

Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT...
Critical • Unreviewed • CVE-2015-7450 was published • May 17, 2022

** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd...
Moderate • Unreviewed • CVE-2020-9377 was published • May 24, 2022

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5,...
Critical • Unreviewed • CVE-2020-25223 was published • May 24, 2022

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an...
High • Unreviewed • CVE-2020-8243 was published • May 24, 2022

Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,...
Critical • Unreviewed • CVE-2021-22502 was published • May 24, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab...
Critical • Unreviewed • CVE-2021-22205 was published • May 24, 2022

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote...
High • Unreviewed • CVE-2021-22894 was published • May 24, 2022

A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4...
High • Unreviewed • CVE-2021-22900 was published • May 24, 2022

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code...
Critical • Unreviewed • CVE-2017-7494 was published • May 14, 2022

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to...
High • Unreviewed • CVE-2017-8759 was published • May 14, 2022

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to...
Critical • Unreviewed • CVE-2022-3236 was published • Sep 25, 2022

The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an...
Moderate • Unreviewed • CVE-2022-41223 was published • Nov 22, 2022

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET...
Critical • Unreviewed • CVE-2023-25717 was published • Feb 13, 2023

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion...
Critical • Unreviewed • CVE-2019-7609 was published • May 13, 2022

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter...
High • Unreviewed • CVE-2019-16759 was published • May 24, 2022

There was a server-side template injection vulnerability in Jira Server and Data Center, in the...
Critical • Unreviewed • CVE-2019-11581 was published • May 24, 2022

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem...
High • Unreviewed • CVE-2023-41179 was published • Sep 19, 2023

IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows...
High • Unreviewed • CVE-2019-4716 was published • May 24, 2022

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
High • Unreviewed • CVE-2020-8644 was published • May 24, 2022

Unraid through 6.8.0 allows Remote Code Execution.
High • Unreviewed • CVE-2020-5847 was published • May 24, 2022

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1...
High • Unreviewed • CVE-2020-5902 was published • May 24, 2022

A code injection vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker to...
Moderate • Unreviewed • CVE-2020-8218 was published • May 24, 2022

ProTip! Advisories are also available from the GraphQL API.