GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,339
Erlang: 31
GitHub Actions: 22
Go: 2,099
Maven: 5,000+
npm: 3,763
NuGet: 678
pip: 3,448
Pub: 12
RubyGems: 892
Rust: 883
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
11,352 advisories
Potential DoS when using ContextLines integration
Severity: Low. GHSA-r5w7-f542-q2j4 was published for @sentry/astro (npm) on Jan 28, 2025.

NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker...
Severity: Low (Unreviewed). CVE-2024-0149 was published on Jan 28, 2025.

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3,...
Severity: Low (Unreviewed). CVE-2025-24121 was published on Jan 28, 2025.

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Severity: Low (Unreviewed). CVE-2024-54475 was published on Jan 28, 2025.

A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on...
Severity: Low (Unreviewed). CVE-2025-0732 was published on Jan 27, 2025.

A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows...
Severity: Low (Unreviewed). CVE-2025-0733 was published on Jan 27, 2025.

Dolibarr Cross-site Scripting vulnerability
Severity: Low. CVE-2024-55227 was published for dolibarr/dolibarr (Composer) on Jan 27, 2025.

Dolibarr Cross-site Scripting vulnerability
Severity: Low. CVE-2024-55228 was published for dolibarr/dolibarr (Composer) on Jan 27, 2025.

Apache Cocoon vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator
Severity: Low. CVE-2025-24783 was published for org.apache.cocoon:cocoon-forms-impl (Maven) on Jan 27, 2025.

An improper privilege management vulnerability in OTRS Generic Interface module allows change of...
Severity: Low (Unreviewed). CVE-2024-43446 was published on Jan 27, 2025.

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could...
Severity: Low (Unreviewed). CVE-2024-28766 was published on Jan 27, 2025.

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &...
Severity: Low (Unreviewed). CVE-2024-13450 was published on Jan 25, 2025.

IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an...
Severity: Low (Unreviewed). CVE-2024-35122 was published on Jan 24, 2025.

Directus has a DOM-Based cross-site scripting (XSS) via layout_options
Severity: Low. GHSA-9qrm-48qf-r2rw was published for directus (npm) on Jan 23, 2025.

ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the...
Severity: Low (Unreviewed). CVE-2024-52328 was published on Jan 23, 2025.

Reflected Cross Site Scripting (XSS) in error message
Severity: Low. GHSA-74j9-xhqr-6qv3 was published for silverstripe/framework (Composer) on Jan 23, 2025.

BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could...
Severity: Low (Unreviewed). CVE-2024-42184 was published on Jan 23, 2025.

BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML...
Severity: Low (Unreviewed). CVE-2024-42185 was published on Jan 23, 2025.

BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It...
Severity: Low (Unreviewed). CVE-2024-42183 was published on Jan 23, 2025.

BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can...
Severity: Low (Unreviewed). CVE-2024-42186 was published on Jan 23, 2025.

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. ...
Severity: Low (Unreviewed). CVE-2024-42182 was published on Jan 23, 2025.

A vulnerability, which was classified as problematic, was found in CampCodes School Management...
Severity: Low (Unreviewed). CVE-2025-0625 was published on Jan 22, 2025.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ...
Severity: Low (Unreviewed). CVE-2025-21520 was published on Jan 21, 2025.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Severity: Low (Unreviewed). CVE-2025-21546 was published on Jan 21, 2025.

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')...
Severity: Low (Unreviewed). CVE-2024-45687 was published on Jan 21, 2025.

ProTip! Advisories are also available from the GraphQL API.