GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,889

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,032 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nagios Log Server versions prior to 2024R1.3.1 contain a code injection vulnerability where... Critical Unreviewed

CVE-2025-34277 was published Oct 31, 2025

An issue in BusinessNext CRMnext v.10.8.3.0 allows a remote attacker to execute arbitrary code... High Unreviewed

CVE-2025-61196 was published Oct 30, 2025

iib0011 omni-tools v0.4.0 is vulnerable to remote code execution via unsafe JSON deserialization. Critical Unreviewed

CVE-2025-50739 was published Oct 30, 2025

alexusmai laravel-file-manager 3.3.1 and before allows an authenticated attacker to achieve... High Unreviewed

CVE-2025-56399 was published Oct 28, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in videowhisper Paid... Critical Unreviewed

CVE-2025-62959 was published Oct 27, 2025

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2025-8483 was published Oct 25, 2025

A Host Header Injection vulnerability in the password reset component in axewater sharewarez v2.4... High Unreviewed

CVE-2025-61136 was published Oct 23, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque... Critical Unreviewed

CVE-2025-62023 was published Oct 22, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... High Unreviewed

CVE-2025-60206 was published Oct 22, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Sayan Datta WP Last... High Unreviewed

CVE-2025-52756 was published Oct 22, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium... High Unreviewed

CVE-2025-49926 was published Oct 22, 2025

A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept... Moderate Unreviewed

CVE-2025-8848 was published Oct 22, 2025

An issue in Senayan Library Management System (SLiMS) 9 Bulian v.9.6.1 allows a remote attacker... High Unreviewed

CVE-2025-61488 was published Oct 20, 2025

A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically... Critical Unreviewed

CVE-2025-57567 was published Oct 17, 2025

A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the... Moderate Unreviewed

CVE-2025-11905 was published Oct 17, 2025

A remote, unauthenticated privilege escalation in ibi WebFOCUS allows an attacker to gain... Critical Unreviewed

CVE-2025-11548 was published Oct 14, 2025

An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in... Moderate Unreviewed

CVE-2025-31365 was published Oct 14, 2025

ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An... Critical Unreviewed

CVE-2025-46581 was published Oct 14, 2025

An low privileged remote attacker with an account for the Web-based management can change the... High Unreviewed

CVE-2025-41699 was published Oct 14, 2025

SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript... Moderate Unreviewed

CVE-2025-42901 was published Oct 14, 2025

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an... Moderate Unreviewed

CVE-2025-11344 was published Oct 6, 2025

This vulnerability affects Firefox < 143.0.3. High Unreviewed

CVE-2025-11153 was published Sep 30, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in YayCommerce... Moderate Unreviewed

CVE-2025-60114 was published Sep 26, 2025

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown... Moderate Unreviewed

CVE-2025-10993 was published Sep 26, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability High Unreviewed

CVE-2025-59251 was published Sep 24, 2025

Previous 1…3…162 Next

Previous 1 2 3 4 5 … 161 162 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,032 advisories