Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,216 advisories

Loading
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-11345 was published Oct 6, 2025
Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0... Moderate Unreviewed
CVE-2025-60537 was published Oct 14, 2025
Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-59190 was published Oct 14, 2025
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to... Moderate Unreviewed
CVE-2025-59198 was published Oct 14, 2025
Improper input validation in Windows Kernel allows an unauthorized attacker to disclose... Moderate Unreviewed
CVE-2025-55679 was published Oct 14, 2025
Django Filer Unrestricted Upload of File with Dangerous Type Moderate
CVE-2024-11404 was published for django-filer (pip) Nov 20, 2024
Astro's `X-Forwarded-Host` is reflected without validation Moderate
CVE-2025-61925 was published for astro (npm) Oct 10, 2025
Chisnet
Credited to Chisnet
Information disclosure may occur while processing the hypervisor log. Moderate Unreviewed
CVE-2025-27040 was published Oct 9, 2025
A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function... Moderate Unreviewed
CVE-2025-10770 was published Sep 22, 2025
A vulnerability has been found in h2oai h2o-3 up to 3.46.08. This affects an unknown function of... Moderate Unreviewed
CVE-2025-10769 was published Sep 22, 2025
A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown... Moderate Unreviewed
CVE-2025-10771 was published Sep 22, 2025
A flaw has been found in h2oai h2o-3 up to 3.46.08. The impacted element is an unknown function... Moderate Unreviewed
CVE-2025-10768 was published Sep 22, 2025
An improper input validation in GE Vernova UR IED family devices from version 7.0 up to 8.60... Moderate Unreviewed
CVE-2025-27253 was published Mar 10, 2025
Enterprise Protection contains an improper input validation vulnerability in attachment defense... Moderate Unreviewed
CVE-2024-10635 was published Apr 28, 2025
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function... Moderate Unreviewed
CVE-2025-11346 was published Oct 6, 2025
A vulnerability was found in LaChatterie Verger up to 1.2.10. This impacts the function... Moderate Unreviewed
CVE-2025-11273 was published Oct 5, 2025
A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0... Moderate Unreviewed
CVE-2025-5326 was published May 29, 2025
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2014-2342 was published May 17, 2022
COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon... Moderate Unreviewed
CVE-2014-2346 was published May 17, 2022
AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input... Moderate Unreviewed
CVE-2024-33659 was published Feb 11, 2025
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on... Moderate Unreviewed
CVE-2024-41887 was published Dec 24, 2024
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on... Moderate Unreviewed
CVE-2024-41886 was published Dec 24, 2024
Calico vulnerable to pod route hijacking Moderate
CVE-2022-28224 was published for github.com/projectcalico/calico (Go) Jun 7, 2022
joshbressers
Credited to joshbressers
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-2165 was published Apr 9, 2024
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6... Moderate Unreviewed
CVE-2020-27336 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database