Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,565 advisories

Loading
operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic... Low Unreviewed
CVE-2025-27839 was published Mar 8, 2025
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been... Low Unreviewed
CVE-2025-2093 was published Mar 8, 2025
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings Low
CVE-2022-31177 was published for Flask-AppBuilder (pip) Jul 29, 2022
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the... Low Unreviewed
CVE-2022-41862 was published Mar 3, 2023
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system... Low Unreviewed
CVE-2024-53699 was published Mar 7, 2025
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system... Low Unreviewed
CVE-2024-53697 was published Mar 7, 2025
A buffer overread can occur in the CPC application when operating in full duplex SPI upon... Low Unreviewed
CVE-2024-12975 was published Mar 7, 2025
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system... Low Unreviewed
CVE-2024-38638 was published Mar 7, 2025
A double free vulnerability has been reported to affect several QNAP operating system versions.... Low Unreviewed
CVE-2024-53698 was published Mar 7, 2025
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could... Low Unreviewed
CVE-2025-0167 was published Feb 5, 2025
Possible Content Security Policy bypass in Action Dispatch Low
CVE-2024-54133 was published for actionpack (RubyGems) Dec 10, 2024
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in... Low Unreviewed
CVE-2025-27113 was published Feb 19, 2025
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local... Low Unreviewed
CVE-2023-42542 was published Nov 14, 2023
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting... Low Unreviewed
CVE-2025-1540 was published Mar 6, 2025
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition... Low Unreviewed
CVE-2025-1939 was published Mar 4, 2025
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU... Low Unreviewed
CVE-2024-47896 was published Feb 22, 2025
A SQL injection vulnerability in the ConvertForms component versions 1.0.0-1.0.0 - 4.4.9 for... Low Unreviewed
CVE-2025-22212 was published Mar 5, 2025
Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak... Low Unreviewed
CVE-2024-11035 was published Mar 5, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed
CVE-2025-1879 was published Mar 3, 2025
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by... Low Unreviewed
CVE-2025-1953 was published Mar 4, 2025
Magento Open Source allows Cross-Site Scripting (XSS) Low
CVE-2023-38219 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Incorrect Authorization Low
CVE-2023-29296 was published for magento/community-edition (Composer) Jun 15, 2023
Magento Open Source allows XML Injection Low
CVE-2023-38207 was published for magento/community-edition (Composer) Aug 9, 2023
Magento Open Source allows Cross-Site Scripting (XSS) Low
CVE-2023-22249 was published for magento/community-edition (Composer) Jul 6, 2023
Magento Open Source has Business Logic Errors Vulnerability Low
CVE-2023-29294 was published for magento/community-edition (Composer) Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database