GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
860 advisories
There is an RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the...
Moderate | Unreviewed | CVE-2025-25507 was published Feb 21, 2025
The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in...
Moderate | Unreviewed | CVE-2024-13900 was published Feb 21, 2025
PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51324 was published Feb 20, 2025
PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51320 was published Feb 20, 2025
PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which...
Moderate | Unreviewed | CVE-2023-51331 was published Feb 20, 2025
PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name,...
Moderate | Unreviewed | CVE-2023-51317 was published Feb 20, 2025
Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote...
Moderate | Unreviewed | CVE-2025-27218 was published Feb 20, 2025
The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate | Unreviewed | CVE-2024-13689 was published Feb 18, 2025
Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516...
Moderate | Unreviewed | CVE-2024-51122 was published Feb 13, 2025
The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-13814 was published Feb 12, 2025
An issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to...
Moderate | Unreviewed | CVE-2024-33469 was published Feb 12, 2025
The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate | Unreviewed | CVE-2024-7425 was published Feb 7, 2025
An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute...
Moderate | Unreviewed | CVE-2024-55241 was published Feb 7, 2025
The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution...
Moderate | Unreviewed | CVE-2024-12415 was published Jan 31, 2025
In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by...
Moderate | Unreviewed | CVE-2024-40673 was published Jan 28, 2025
An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject...
Moderate | Unreviewed | CVE-2024-55504 was published Jan 21, 2025
The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-10970 was published Jan 16, 2025
SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted...
Moderate | Unreviewed | CVE-2025-0060 was published Jan 14, 2025
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name...
Moderate | Unreviewed | CVE-2024-54999 was published Jan 13, 2025
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file...
Moderate | Unreviewed | CVE-2024-57487 was published Jan 13, 2025
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability...
Moderate | Unreviewed | CVE-2024-54997 was published Jan 10, 2025
Vulnerability of improper access control in the home screen widget module Impact: Successful...
Moderate | Unreviewed | CVE-2024-56448 was published Jan 8, 2025
A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic....
Moderate | Unreviewed | CVE-2025-0295 was published Jan 7, 2025
The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12419 was published Jan 7, 2025
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file...
Moderate | Unreviewed | CVE-2023-6601 was published Jan 6, 2025
ProTip! Advisories are also available from the GraphQL API.