Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,742
Maven
5,000+
npm
4,339
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,019 advisories

Loading
Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed
CVE-2025-53577 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed
CVE-2025-48169 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom... High Unreviewed
CVE-2025-30975 was published Aug 20, 2025
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to... Critical Unreviewed
CVE-2025-8723 was published Aug 19, 2025
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-8105 was published Aug 16, 2025
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed
CVE-2025-8878 was published Aug 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS... Moderate Unreviewed
CVE-2025-7961 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE... Moderate Unreviewed
CVE-2025-54466 was published Aug 15, 2025
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all... Moderate Unreviewed
CVE-2025-8905 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML... Critical Unreviewed
CVE-2025-49887 was published Aug 14, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer... Moderate Unreviewed
CVE-2025-39483 was published Aug 14, 2025
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The... Critical Unreviewed
CVE-2011-10018 was published Aug 13, 2025
Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its... Critical Unreviewed
CVE-2011-10019 was published Aug 13, 2025
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common... Critical Unreviewed
CVE-2011-10013 was published Aug 13, 2025
WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where... Critical Unreviewed
CVE-2011-10011 was published Aug 13, 2025
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component,... High Unreviewed
CVE-2025-23304 was published Aug 13, 2025
NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments... High Unreviewed
CVE-2025-23306 was published Aug 13, 2025
NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker... High Unreviewed
CVE-2025-23295 was published Aug 13, 2025
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an... High Unreviewed
CVE-2025-23296 was published Aug 13, 2025
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an... High Unreviewed
CVE-2025-23305 was published Aug 13, 2025
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency,... High Unreviewed
CVE-2025-23298 was published Aug 13, 2025
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-52385 was published Aug 13, 2025
SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a... Critical Unreviewed
CVE-2025-42950 was published Aug 12, 2025
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function... Critical Unreviewed
CVE-2025-42957 was published Aug 12, 2025
SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker... Moderate Unreviewed
CVE-2025-42945 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database