Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,884
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,205
NuGet
743
pip
3,978
Pub
12
RubyGems
947
Rust
1,034
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

17 advisories

Loading
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an... Critical Unreviewed
CVE-2024-7954 was published Aug 23, 2024
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability... Moderate Unreviewed
CVE-2025-55585 was published Aug 18, 2025
The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version... High Unreviewed
CVE-2025-8420 was published Aug 6, 2025
PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user... Critical Unreviewed
CVE-2013-10070 was published Aug 5, 2025
A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to... Critical Unreviewed
CVE-2013-10051 was published Aug 1, 2025
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed
CVE-2025-26845 was published May 8, 2025
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is... High Unreviewed
CVE-2023-26323 was published Aug 28, 2024
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10633 was published Jan 26, 2025
The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to... Critical Unreviewed
CVE-2024-8512 was published Oct 30, 2024
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external... High Unreviewed
CVE-2023-7224 was published Jan 8, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not... High Unreviewed
CVE-2023-7245 was published Feb 20, 2024
calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability... Critical Unreviewed
CVE-2024-39173 was published Jul 18, 2024
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet:... High Unreviewed
CVE-2023-7101 was published Dec 25, 2023
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows... Critical Unreviewed
CVE-2023-0090 was published Mar 8, 2023
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval... Critical Unreviewed
CVE-2021-23277 was published May 24, 2022
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702,... High Unreviewed
CVE-2021-33678 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database