Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,846
Erlang
36
GitHub Actions
33
Go
2,467
Maven
5,000+
npm
4,090
NuGet
733
pip
3,907
Pub
12
RubyGems
944
Rust
1,011
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,610 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18... Moderate Unreviewed
CVE-2025-5101 was published Aug 27, 2025
The Freeform CraftCMS plugin contains an Server-side template injection (SSTI) vulnerability Critical
CVE-2025-52122 was published for solspace/craft-freeform (Composer) Aug 27, 2025
In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command... Critical Unreviewed
CVE-2025-30057 was published Aug 27, 2025
The RunCommand function accepts any parameter, which is then passed for execution in the shell.... Critical Unreviewed
CVE-2025-30056 was published Aug 27, 2025
In the Print.pl service, the "uhcPrintServerPrint" function allows execution of arbitrary code... Critical Unreviewed
CVE-2025-2313 was published Aug 27, 2025
The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is... Critical Unreviewed
CVE-2025-30055 was published Aug 27, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy... High Unreviewed
CVE-2025-23315 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where... High Unreviewed
CVE-2025-23314 was published Aug 26, 2025
NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by... High Unreviewed
CVE-2025-23307 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where... High Unreviewed
CVE-2025-23313 was published Aug 26, 2025
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services... High Unreviewed
CVE-2025-23312 was published Aug 26, 2025
SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text... High Unreviewed
CVE-2025-52218 was published Aug 26, 2025
Delta Electronics COMMGR has Code Injection vulnerability. High Unreviewed
CVE-2025-53419 was published Aug 26, 2025
Craft CMS Potential Remote Code Execution via Twig SSTI Moderate
CVE-2025-57811 was published for craftcms/cms (Composer) Aug 25, 2025
singetu0096
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield... Critical Unreviewed
CVE-2022-31491 was published Aug 22, 2025
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated... Critical Unreviewed
CVE-2024-52786 was published Aug 22, 2025
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed... High Unreviewed
CVE-2010-20120 was published Aug 21, 2025
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed
CVE-2011-10026 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone... Moderate Unreviewed
CVE-2025-54019 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS... Critical Unreviewed
CVE-2025-53577 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine... Critical Unreviewed
CVE-2025-48169 was published Aug 20, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom... High Unreviewed
CVE-2025-30975 was published Aug 20, 2025
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to... Critical Unreviewed
CVE-2025-8723 was published Aug 19, 2025
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed
CVE-2025-8878 was published Aug 16, 2025
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2025-8105 was published Aug 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database