GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,968
  Erlang: 39
  GitHub Actions: 38
  Go: 2,616
  Maven: 5,000+
  npm: 4,255
  NuGet: 760
  pip: 4,040
  Pub: 12
  RubyGems: 953
  Rust: 1,050
  Swift: 45

Unreviewed advisories
  All unreviewed: 5,000+

            113,521 advisories

A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows...
High | Unreviewed | CVE-2024-57064 was published Feb 6, 2025

A prototype pollution in the lib.combine function of php-parser v3.2.1 allows attackers to cause...
High | Unreviewed | CVE-2024-57071 was published Feb 6, 2025

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause...
High | Unreviewed | CVE-2024-57063 was published Feb 6, 2025

A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a...
High | Unreviewed | CVE-2024-57065 was published Feb 6, 2025

module-from-string prototype pollution
High | CVE-2024-57072 was published for module-from-string (npm) Feb 6, 2025

Contrast's unauthenticated recovery allows Coordinator impersonation
High | GHSA-vqv5-385r-2hf8 was published for github.com/edgelesssys/contrast (Go) Feb 5, 2025

MobSF Stored Cross-Site Scripting (XSS)
High | CVE-2025-24803 was published for mobsf (pip) Feb 5, 2025

When running in Appliance mode, an authenticated remote command injection vulnerability exists in...
High | Unreviewed | CVE-2025-23239 was published Feb 5, 2025

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing...
High | Unreviewed | CVE-2025-21087 was published Feb 5, 2025

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command...
High | Unreviewed | CVE-2025-20029 was published Feb 5, 2025

When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause...
High | Unreviewed | CVE-2025-23412 was published Feb 5, 2025

When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured,...
High | Unreviewed | CVE-2025-24326 was published Feb 5, 2025

When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central...
High | Unreviewed | CVE-2025-24319 was published Feb 5, 2025

When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP...
High | Unreviewed | CVE-2025-20045 was published Feb 5, 2025

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint...
High | Unreviewed | CVE-2025-22891 was published Feb 5, 2025

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is...
High | Unreviewed | CVE-2025-24312 was published Feb 5, 2025

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in...
High | Unreviewed | CVE-2025-21091 was published Feb 5, 2025

When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can...
High | Unreviewed | CVE-2025-20058 was published Feb 5, 2025

When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server,...
High | Unreviewed | CVE-2025-22846 was published Feb 5, 2025

When URL categorization is configured on a virtual server, undisclosed requests can cause TMM to...
High | Unreviewed | CVE-2025-24497 was published Feb 5, 2025

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS...
High | Unreviewed | CVE-2024-56135 was published Feb 5, 2025

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow...
High | Unreviewed | CVE-2025-20171 was published Feb 5, 2025

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS...
High | Unreviewed | CVE-2025-20172 was published Feb 5, 2025
                    
                  
        
ProTip! Advisories are also available from the GraphQL API