Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,791
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,996
NuGet
720
pip
3,795
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

235 advisories

Loading
A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent... Critical Unreviewed
CVE-2025-34064 was published Jul 1, 2025
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and... Critical Unreviewed
CVE-2023-47029 was published Jun 23, 2025
An information disclosure vulnerability exists in Aquatronica Controller System firmware versions... Critical Unreviewed
CVE-2025-25037 was published Jun 20, 2025
GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF) Critical
CVE-2024-34711 was published for org.geoserver.main:gs-main (Maven) Jun 10, 2025
lemauanhphong jodygarnett
Exposure of sensitive information to an unauthorized actor in Power Automate allows an... Critical Unreviewed
CVE-2025-47966 was published Jun 5, 2025
PrinterShare Android application allows the capture of Gmail authentication tokens that can be... Critical Unreviewed
CVE-2025-5098 was published May 23, 2025
The issue was addressed with improved restriction of data container access. This issue is fixed... Critical Unreviewed
CVE-2025-31183 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30426 was published Apr 1, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-30424 was published Apr 1, 2025
This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5... Critical Unreviewed
CVE-2025-24279 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24253 was published Apr 1, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24278 was published Apr 1, 2025
A privacy issue was addressed by moving sensitive data to a protected location. This issue is... Critical Unreviewed
CVE-2025-24263 was published Apr 1, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24246 was published Apr 1, 2025
This issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24250 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24242 was published Apr 1, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24239 was published Apr 1, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24232 was published Apr 1, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app... Critical Unreviewed
CVE-2025-24204 was published Apr 1, 2025
The issue was addressed with improved handling of protocols. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2024-40864 was published Apr 1, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27675 was published Mar 5, 2025
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Critical
GHSA-vjh7-7g9h-fjfh was published for elliptic (npm) Feb 12, 2025
ChALkeR jprichardson
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext Critical
CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) Jan 31, 2025
hboutemy yusuke-koyoshi
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24174 was published Jan 28, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24109 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database