Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,699
Erlang
34
GitHub Actions
28
Go
2,292
Maven
5,000+
npm
3,941
NuGet
708
pip
3,708
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,950 advisories

Loading
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME... Low Unreviewed
CVE-2025-4945 was published May 19, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3... Low Unreviewed
CVE-2025-31185 was published May 19, 2025
LibreNMS stored Cross-site Scripting vulnerability in poller group name Low
CVE-2025-47931 was published for librenms/librenms (Composer) May 19, 2025
Fewword
a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with... Low Unreviewed
CVE-2025-41429 was published May 19, 2025
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in ... Low Unreviewed
CVE-2025-23165 was published May 19, 2025
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in ... Low Unreviewed
CVE-2025-23122 was published May 19, 2025
O2 UK through 2025-05-17 allows subscribers to determine the Cell ID of other subscribers by... Low Unreviewed
CVE-2025-48219 was published May 18, 2025
A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as... Low Unreviewed
CVE-2025-4839 was published May 18, 2025
A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an... Low Unreviewed
CVE-2025-4819 was published May 17, 2025
libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data... Low Unreviewed
CVE-2025-48188 was published May 16, 2025
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured... Low Unreviewed
CVE-2025-22233 was published May 16, 2025
Vyper's `slice()` may elide side-effects when output length is 0 Low
CVE-2025-47774 was published for vyper (pip) May 16, 2025
Vyper's `concat()` builtin may elide side-effects for zero-length arguments Low
CVE-2025-47285 was published for vyper (pip) May 16, 2025
th3anatomist
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability... Low Unreviewed
CVE-2025-40632 was published May 16, 2025
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By... Low Unreviewed
CVE-2025-40631 was published May 16, 2025
Mattermost Fails to Check User Access to `ExperimentalSettings` Low
CVE-2025-2570 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
undici Denial of Service attack via bad certificate data Low
CVE-2025-47279 was published for undici (npm) May 15, 2025
styfle mcollina
Next.js Race Condition to Cache Poisoning Low
CVE-2025-32421 was published for next (npm) May 15, 2025
cold-try
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed
CVE-2025-4762 was published May 15, 2025
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager... Low Unreviewed
CVE-2025-27525 was published May 15, 2025
Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not... Low Unreviewed
CVE-2025-0138 was published May 14, 2025
Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Low Unreviewed
CVE-2025-20616 was published May 13, 2025
Protection mechanism failure for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Low Unreviewed
CVE-2025-21081 was published May 13, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-20030 was published May 13, 2025
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may... Low Unreviewed
CVE-2025-20076 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database