Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,152
Maven
5,000+
npm
3,816
NuGet
692
pip
3,492
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,398 advisories

Loading
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and... High Unreviewed
CVE-2025-0749 was published Mar 7, 2025
DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api High
GHSA-vc29-vg52-6643 was published for OpenTelemetry.AutoInstrumentation (NuGet) Mar 6, 2025
Out-of-bounds Write in SixLabors ImageSharp High
CVE-2025-27598 was published for SixLabors.ImageSharp (NuGet) Mar 6, 2025
andreas-eriksson
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25823 was published Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25825 was published Mar 6, 2025
ServiceNow has addressed an authorization bypass vulnerability that was identified in the... High Unreviewed
CVE-2025-0337 was published Mar 6, 2025
A deserialization of untrusted data vulnerability exists in NI G Web Development Software that... High Unreviewed
CVE-2024-12742 was published Mar 6, 2025
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote... High Unreviewed
CVE-2024-51476 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject struct_ops... High Unreviewed
CVE-2024-58060 was published Mar 6, 2025
Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder... High Unreviewed
CVE-2024-12146 was published Mar 6, 2025
A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232.... High Unreviewed
CVE-2024-42844 was published Mar 6, 2025
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13893 was published Mar 6, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows... High Unreviewed
CVE-2024-7872 was published Mar 6, 2025
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local... High Unreviewed
CVE-2025-20931 was published Mar 6, 2025
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local... High Unreviewed
CVE-2025-20903 was published Mar 6, 2025
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows... High Unreviewed
CVE-2025-20929 was published Mar 6, 2025
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-22447 was published Mar 6, 2025
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-24864 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for... High Unreviewed
CVE-2022-49411 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif... High Unreviewed
CVE-2022-49489 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator... High Unreviewed
CVE-2022-49694 was published Mar 6, 2025
Emissary May Use a Broken or Risky Cryptographic Algorithm High
CVE-2025-27508 was published for gov.nsa.emissary:emissary (Maven) Mar 5, 2025
0dd moweiyang0214
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an... High Unreviewed
CVE-2025-2003 was published Mar 5, 2025
Spacy-LLM Server-Side Template Injection (SSTI) vulnerability High
CVE-2025-25362 was published for spacy-llm (pip) Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database