Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,565 advisories

Loading
Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171 Low
GHSA-vvfq-8hwr-qm4m was published for nokogiri (RubyGems) Feb 18, 2025
Keycloak allows cross-site scripting (XSS) Low
CVE-2024-4028 was published for org.keycloak:keycloak-core (Maven) Feb 18, 2025
A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability... Low Unreviewed
CVE-2025-1376 was published Feb 17, 2025
A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux.... Low Unreviewed
CVE-2025-1369 was published Feb 17, 2025
A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This... Low Unreviewed
CVE-2025-1352 was published Feb 16, 2025
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview... Low Unreviewed
CVE-2024-31144 was published Feb 14, 2025
Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint... Low Unreviewed
CVE-2025-0503 was published Feb 14, 2025
There is a defect in the CPython standard library module “mimetypes” where on Windows the default... Low Unreviewed
CVE-2024-3220 was published Feb 14, 2025
Fyrox has unsound usages of `Vec::from_raw_parts` Low
GHSA-h7h7-6mx3-r89v was published for fyrox-core (Rust) Feb 14, 2025
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter... Low Unreviewed
CVE-2025-25899 was published Feb 13, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2024-47266 was published Feb 13, 2025
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Low Unreviewed
CVE-2024-13121 was published Feb 13, 2025
The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape... Low Unreviewed
CVE-2025-0692 was published Feb 13, 2025
The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13125 was published Feb 13, 2025
A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal,... Low Unreviewed
CVE-2024-34521 was published Feb 13, 2025
Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet... Low Unreviewed
CVE-2024-39271 was published Feb 13, 2025
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800... Low Unreviewed
CVE-2024-39286 was published Feb 13, 2025
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability... Low Unreviewed
CVE-2025-1215 was published Feb 12, 2025
A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This... Low Unreviewed
CVE-2025-1207 was published Feb 12, 2025
HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user... Low Unreviewed
CVE-2024-23563 was published Feb 12, 2025
Unencrypted transmission in Temporal api-go library Low
CVE-2025-1243 was published for go.temporal.io/api (Go) Feb 12, 2025
An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate... Low Unreviewed
CVE-2024-51324 was published Feb 12, 2025
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks,... Low Unreviewed
CVE-2023-20581 was published Feb 12, 2025
Improper access control in the DRTM firmware could allow a privileged attacker to perform... Low Unreviewed
CVE-2023-31331 was published Feb 12, 2025
An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds... Low Unreviewed
CVE-2023-20507 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database