Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,474 advisories

Loading
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for... Low Unreviewed
CVE-2024-45674 was published Feb 22, 2025
Leantime allows Cross-Site Scripting (XSS) Low
GHSA-f679-254h-qhvj was published for leantime/leantime (Composer) Feb 21, 2025
justWalsdi
Leantime has Missing Authorization Check for Host Parameter Low
GHSA-3hfj-qcvj-4hx8 was published for leantime/leantime (Composer) Feb 21, 2025
harshilsecurify
Vyper has a double eval in For List Iter Low
CVE-2025-27104 was published for vyper (pip) Feb 21, 2025
AugAssign evaluation order causing OOB write within the object in Vyper Low
CVE-2025-27105 was published for vyper (pip) Feb 21, 2025
Vyper's sqrt doesn't define rounding behavior Low
CVE-2025-26622 was published for vyper (pip) Feb 21, 2025
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects... Low Unreviewed
CVE-2025-25878 was published Feb 21, 2025
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects... Low Unreviewed
CVE-2025-25877 was published Feb 21, 2025
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and... Low Unreviewed
CVE-2024-13314 was published Feb 21, 2025
The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13585 was published Feb 21, 2025
Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171 Low
GHSA-5mwf-688x-mr7x was published for nokogiri (RubyGems) Feb 19, 2025
A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an... Low Unreviewed
CVE-2025-1465 was published Feb 19, 2025
Authelia applies regulation separately to Username-based logins to Email-based logins Low
CVE-2025-24806 was published for github.com/authelia/authelia/v4 (Go) Feb 19, 2025
tsschaffert Ahrdie
caesarakalaeii
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in... Low Unreviewed
CVE-2025-27113 was published Feb 19, 2025
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted... Low Unreviewed
CVE-2024-57257 was published Feb 19, 2025
Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171 Low
GHSA-vvfq-8hwr-qm4m was published for nokogiri (RubyGems) Feb 18, 2025
Keycloak allows cross-site scripting (XSS) Low
CVE-2024-4028 was published for org.keycloak:keycloak-core (Maven) Feb 18, 2025
A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability... Low Unreviewed
CVE-2025-1376 was published Feb 17, 2025
A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux.... Low Unreviewed
CVE-2025-1369 was published Feb 17, 2025
A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This... Low Unreviewed
CVE-2025-1352 was published Feb 16, 2025
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview... Low Unreviewed
CVE-2024-31144 was published Feb 14, 2025
Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint... Low Unreviewed
CVE-2025-0503 was published Feb 14, 2025
There is a defect in the CPython standard library module “mimetypes” where on Windows the default... Low Unreviewed
CVE-2024-3220 was published Feb 14, 2025
Fyrox has unsound usages of `Vec::from_raw_parts` Low
GHSA-h7h7-6mx3-r89v was published for fyrox-core (Rust) Feb 14, 2025
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter... Low Unreviewed
CVE-2025-25899 was published Feb 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database