GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
11,354 advisories
Filter by severity
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')...
Low
Unreviewed
CVE-2024-45687
was published
Jan 21, 2025
A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as...
Low
Unreviewed
CVE-2024-13524
was published
Jan 20, 2025
A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as...
Low
Unreviewed
CVE-2025-0575
was published
Jan 20, 2025
A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This...
Low
Unreviewed
CVE-2025-0567
was published
Jan 19, 2025
AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider
Low
CVE-2025-23206
was published
for
aws-cdk-lib
(npm)
Jan 17, 2025
Multiple bash files were present in the application's private directory.
Bash files can be used...
Low
Unreviewed
CVE-2024-54681
was published
Jan 17, 2025
Hard-coded credentials were included as part of the application binary.
These credentials served...
Low
Unreviewed
CVE-2024-45832
was published
Jan 17, 2025
TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals,...
Low
Unreviewed
CVE-2024-11146
was published
Jan 17, 2025
Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before...
Low
Unreviewed
CVE-2024-37181
was published
Jan 16, 2025
An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a...
Low
Unreviewed
CVE-2024-55503
was published
Jan 16, 2025
In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject...
Low
Unreviewed
CVE-2024-53407
was published
Jan 16, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and...
Low
Unreviewed
CVE-2024-40839
was published
Jan 15, 2025
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O...
Low
Unreviewed
CVE-2024-5198
was published
Jan 15, 2025
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message
Low
GHSA-mqf3-qpc3-g26q
was published
for
silverstripe/framework
(Composer)
Jan 14, 2025
Lodestar snappy checksum issue
Low
GHSA-m9c9-mc2h-9wjw
was published
for
@lodestar/reqresp
(npm)
Jan 14, 2025
Lodestar snappy decompression issue
Low
GHSA-53rv-hcvm-rpp9
was published
for
@lodestar/reqresp
(npm)
Jan 14, 2025
Windows Smart Card Reader Information Disclosure Vulnerability
Low
Unreviewed
CVE-2025-21312
was published
Jan 14, 2025
Vyper Does Not Check the Success of Certain Precompile Calls
Low
CVE-2025-21607
was published
for
vyper
(pip)
Jan 14, 2025
CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER
Low
CVE-2025-0343
was published
for
github.com/apple/swift-asn1
(Swift)
Jan 14, 2025
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2...
Low
Unreviewed
CVE-2024-46669
was published
Jan 14, 2025
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all...
Low
Unreviewed
CVE-2024-50564
was published
Jan 14, 2025
A improper neutralization of special elements used in an sql command ('sql injection') in...
Low
Unreviewed
CVE-2024-55593
was published
Jan 14, 2025
A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2...
Low
Unreviewed
CVE-2024-52963
was published
Jan 14, 2025
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet...
Low
Unreviewed
CVE-2024-52967
was published
Jan 14, 2025
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7...
Low
Unreviewed
CVE-2024-46665
was published
Jan 14, 2025
ProTip!
Advisories are also available from the
GraphQL API