GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,147
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,634

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

517 advisories

Filter by severity

Sort by

Least recently updated

The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is... Critical Unreviewed

CVE-2024-42936 was published Jan 21, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed

CVE-2025-22912 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName... Critical Unreviewed

CVE-2025-22906 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter... Critical Unreviewed

CVE-2025-22905 was published Jan 16, 2025

An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH... Critical Unreviewed

CVE-2025-22968 was published Jan 15, 2025

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call... Critical Unreviewed

CVE-2023-28354 was published Jan 10, 2025

PHPYun before 7.0.2 is vulnerable to code execution through backdoor-restricted arbitrary file... Critical Unreviewed

CVE-2024-54724 was published Jan 9, 2025

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary... Critical Unreviewed

CVE-2024-11613 was published Jan 8, 2025

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all... Critical Unreviewed

CVE-2024-11635 was published Jan 8, 2025

File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-50660 was published Jan 7, 2025

Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to... Critical Unreviewed

CVE-2024-50658 was published Jan 7, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP... Critical Unreviewed

CVE-2024-56278 was published Jan 7, 2025

The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing... Critical Unreviewed

CVE-2024-12252 was published Jan 7, 2025

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zb_users\theme\shell\template. Critical Unreviewed

CVE-2024-55529 was published Jan 6, 2025

A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script... Critical Unreviewed

CVE-2024-12652 was published Dec 26, 2024

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell... Critical Unreviewed

CVE-2024-12372 was published Dec 18, 2024

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... Critical Unreviewed

CVE-2023-34990 was published Dec 18, 2024

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed

CVE-2024-55085 was published Dec 17, 2024

ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed

CVE-2024-21576 was published Dec 13, 2024

ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed

CVE-2024-21577 was published Dec 13, 2024

The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed

CVE-2024-21574 was published Dec 12, 2024

From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed

CVE-2024-42448 was published Dec 12, 2024

Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed

CVE-2022-38946 was published Dec 9, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro... Critical Unreviewed

CVE-2024-51815 was published Dec 6, 2024

Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT... Critical Unreviewed

CVE-2024-48840 was published Dec 5, 2024

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

517 advisories