GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,471
Erlang: 33
GitHub Actions: 24
Go: 2,174
Maven: 5,000+
npm: 3,835
NuGet: 696
pip: 3,511
Pub: 12
RubyGems: 910
Rust: 908
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
11,622 advisories
Filter by severity
In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data...
Low | Unreviewed | CVE-2025-30258 was published Mar 19, 2025
HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability...
Low | Unreviewed | CVE-2024-42176 was published Mar 19, 2025
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have...
Low | Unreviewed | CVE-2025-30235 was published Mar 19, 2025
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on...
Low | Unreviewed | CVE-2025-25040 was published Mar 18, 2025
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ...
Low | Unreviewed | CVE-2025-29431 was published Mar 17, 2025
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the...
Low | Unreviewed | CVE-2025-25618 was published Mar 17, 2025
Mattermost Desktop App allows the bypass of Transparency, Consent, and Control (TCC) via code injection
Low | CVE-2025-1398 was published for mattermost-desktop (npm) Mar 17, 2025
A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote...
Low | Unreviewed | CVE-2019-17659 was published Mar 17, 2025
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Low | CVE-2025-27512 was published for zincati (Rust) Mar 17, 2025
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as...
Low | Unreviewed | CVE-2025-2349 was published Mar 17, 2025
A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic....
Low | Unreviewed | CVE-2025-2341 was published Mar 16, 2025
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of...
Low | Unreviewed | CVE-2025-1624 was published Mar 16, 2025
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of...
Low | Unreviewed | CVE-2025-1623 was published Mar 16, 2025
The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of...
Low | Unreviewed | CVE-2025-1622 was published Mar 16, 2025
A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS...
Low | Unreviewed | CVE-2025-2157 was published Mar 15, 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection')...
Low | Unreviewed | CVE-2022-29059 was published Mar 14, 2025
Snowflake JDBC Driver client-side encryption key in DEBUG logs
Low | CVE-2025-27496 was published for net.snowflake:snowflake-jdbc (Maven) Mar 13, 2025
MODX allows cross-site scripting (XSS) via an SVG file
Low | CVE-2025-28010 was published for modx/revolution (Composer) Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior...
Low | Unreviewed | CVE-2024-7296 was published Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all...
Low | Unreviewed | CVE-2024-8402 was published Mar 13, 2025
Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service...
Low | Unreviewed | CVE-2025-0883 was published Mar 12, 2025
An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.3.52.928...
Low | Unreviewed | CVE-2024-13870 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency...
Low | Unreviewed | CVE-2025-21860 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in...
Low | Unreviewed | CVE-2025-21851 was published Mar 12, 2025
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi...
Low | Unreviewed | CVE-2025-24912 was published Mar 12, 2025
ProTip! Advisories are also available from the GraphQL API