Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,483
Maven
5,000+
npm
4,104
NuGet
734
pip
3,917
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,618 advisories

Loading
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... Moderate Unreviewed
CVE-2025-54019 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed
CVE-2025-53577 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed
CVE-2025-48169 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom... High Unreviewed
CVE-2025-30975 was published Aug 20, 2025
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to... Critical Unreviewed
CVE-2025-8723 was published Aug 19, 2025
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed
CVE-2025-8878 was published Aug 16, 2025
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-8105 was published Aug 16, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS... Moderate Unreviewed
CVE-2025-7961 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE... Moderate Unreviewed
CVE-2025-54466 was published Aug 15, 2025
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all... Moderate Unreviewed
CVE-2025-8905 was published Aug 15, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML... Critical Unreviewed
CVE-2025-49887 was published Aug 14, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer... Moderate Unreviewed
CVE-2025-39483 was published Aug 14, 2025
Flowise JS injection remote code execution Critical
CVE-2025-55346 was published for flowise (npm) Aug 14, 2025
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The... Critical Unreviewed
CVE-2011-10018 was published Aug 13, 2025
Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its... Critical Unreviewed
CVE-2011-10019 was published Aug 13, 2025
WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where... Critical Unreviewed
CVE-2011-10011 was published Aug 13, 2025
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common... Critical Unreviewed
CVE-2011-10013 was published Aug 13, 2025
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an... High Unreviewed
CVE-2025-23305 was published Aug 13, 2025
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency,... High Unreviewed
CVE-2025-23298 was published Aug 13, 2025
NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker... High Unreviewed
CVE-2025-23295 was published Aug 13, 2025
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an... High Unreviewed
CVE-2025-23296 was published Aug 13, 2025
NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments... High Unreviewed
CVE-2025-23306 was published Aug 13, 2025
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-52385 was published Aug 13, 2025
SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker... Moderate Unreviewed
CVE-2025-42945 was published Aug 12, 2025
SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a... Critical Unreviewed
CVE-2025-42950 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database