Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,060 advisories

Loading
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval... High Unreviewed
CVE-2023-33440 was published May 26, 2023
Windows Search Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21292 was published Jan 14, 2025
Microsoft Power Automate Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21187 was published Jan 14, 2025
The administrator is able to configure an insecure captive portal script High Unreviewed
CVE-2024-9132 was published Jan 11, 2025
An issue was discovered in South River Technologies TitanFTP NextGen server that allows for a... High Unreviewed
CVE-2023-27744 was published Jun 2, 2023
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30962 was published Dec 6, 2024
An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of... High Unreviewed
CVE-2024-53564 was published Dec 2, 2024
The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator... High Unreviewed
CVE-2024-12471 was published Jan 7, 2025
A potential security vulnerability has been identified with a version of the HP Softpaq installer... High Unreviewed
CVE-2019-16283 was published Jun 9, 2023
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-37982 was published Oct 12, 2022
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2022-30141 was published Jun 16, 2022
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-30145 was published Jun 16, 2022
Windows Fax Service Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-29115 was published May 11, 2022
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-50715 was published Dec 27, 2024
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via... High Unreviewed
CVE-2024-54907 was published Dec 26, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system... High Unreviewed
CVE-2024-9154 was published Dec 19, 2024
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-11977 was published Dec 21, 2024
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or... High Unreviewed
CVE-2013-3163 was published May 14, 2022
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed
CVE-2024-12729 was published Dec 19, 2024
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9... High Unreviewed
CVE-2009-1862 was published May 2, 2022
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for... High Unreviewed
CVE-2009-0557 was published May 2, 2022
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed
CVE-2024-11740 was published Dec 19, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary... High Unreviewed
CVE-2024-40671 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database