Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

273 advisories

Loading
Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this... Moderate Unreviewed
CVE-2025-2489 was published Mar 18, 2025
Openshift Hive Exposes VCenter Credentials via ClusterProvision High
CVE-2025-2241 was published for github.com/openshift/hive (Go) Mar 17, 2025
A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS... Low Unreviewed
CVE-2025-2157 was published Mar 15, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-21098 was published Mar 4, 2025
The connection string visible to users with access to FRSCore database on Foreseer Reporting... Moderate Unreviewed
CVE-2025-22492 was published Feb 28, 2025
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-12315 was published Feb 12, 2025
Inclusion of sensitive information in test code in softsim TA prior to SMR Jan-2025 Release 1... Moderate Unreviewed
CVE-2025-20886 was published Feb 4, 2025
RuoYi allowed unauthorized attackers to view the session ID of the admin in the system monitoring High
CVE-2024-57436 was published for com.ruoyi:ruoyi (Maven) Jan 29, 2025
An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a... High Unreviewed
CVE-2024-57546 was published Jan 28, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24108 was published Jan 28, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2025-24117 was published Jan 28, 2025
An information disclosure issue was addressed with improved privacy controls. This issue is fixed... Moderate Unreviewed
CVE-2025-24134 was published Jan 28, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2025-24138 was published Jan 28, 2025
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS... Moderate Unreviewed
CVE-2025-24149 was published Jan 28, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24103 was published Jan 28, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24109 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.2, macOS... Moderate Unreviewed
CVE-2024-54547 was published Jan 28, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2024-54541 was published Jan 28, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2025-24101 was published Jan 28, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2024-54549 was published Jan 28, 2025
Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access... Moderate Unreviewed
CVE-2024-55931 was published Jan 27, 2025
Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all... Moderate Unreviewed
CVE-2021-42718 was published Jan 24, 2025
Windows Kerberos Security Feature Bypass Vulnerability High Unreviewed
CVE-2025-21299 was published Jan 14, 2025
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows... High Unreviewed
CVE-2025-22983 was published Jan 14, 2025
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0... High Unreviewed
CVE-2025-22984 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database