Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
InventoryGui allows item duplication in GUIs which use GuiStorageElement Moderate
CVE-2025-62784 was published for de.themoep:inventorygui (Maven) Oct 28, 2025
InventoryGui allows item duplication with experimental "Bundle" item in GUIs which use GuiStorageElement Moderate
CVE-2025-62782 was published for de.themoep:inventorygui (Maven) Oct 27, 2025
InventoryGui affected by item duplication in GUIs which use GuiStorageElement Moderate
CVE-2025-62783 was published for de.themoep:inventorygui (Maven) Oct 27, 2025
FaMa91
Credited to FaMa91
The Matrix specification before 1.16 (i.e., with a room version before 12) lacks create event... High Unreviewed
CVE-2025-54315 was published Oct 2, 2025
Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an... Moderate Unreviewed
CVE-2025-58135 was published Sep 10, 2025
In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators... Moderate Unreviewed
CVE-2024-11301 was published Mar 20, 2025
Tokens in CTFd used for account activation and password resetting can be used interchangeably for... Moderate Unreviewed
CVE-2024-11717 was published Jan 2, 2025
While assignment of a user to a team (bracket) in CTFd should be possible only once, at the... Moderate Unreviewed
CVE-2024-11716 was published Jan 2, 2025
Keycloak Services has a potential bypass of brute force protection Moderate
CVE-2024-4629 was published for org.keycloak:keycloak-services (Maven) Sep 17, 2024
Duplicate Advisory: Keycloak has a brute force login protection bypass Moderate
GHSA-8wm9-24qg-m5qj was published for org.keycloak:keycloak-services (Maven) Sep 3, 2024 withdrawn
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an... Moderate Unreviewed
CVE-2023-6759 was published Dec 13, 2023
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue... Low Unreviewed
CVE-2023-6467 was published Dec 2, 2023
A vulnerability classified as problematic has been found in IceCMS 2.0.1. Affected is an unknown... Moderate Unreviewed
CVE-2023-6438 was published Nov 30, 2023
A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by... Moderate Unreviewed
CVE-2023-5313 was published Sep 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database