Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

103,313 advisories

Loading
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to... High Unreviewed
CVE-2025-22880 was published Feb 7, 2025
The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before... High Unreviewed
CVE-2024-13352 was published Feb 7, 2025
Multiple Elber products suffer from an unauthenticated device configuration and client-side... High Unreviewed
CVE-2025-0675 was published Feb 7, 2025
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker... High Unreviewed
CVE-2025-21177 was published Feb 7, 2025
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21342 was published Feb 7, 2025
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21408 was published Feb 7, 2025
Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management... High Unreviewed
CVE-2024-56889 was published Feb 7, 2025
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform... High Unreviewed
CVE-2024-53586 was published Feb 7, 2025
An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-57609 was published Feb 7, 2025
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle... High Unreviewed
CVE-2024-47258 was published Feb 6, 2025
IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing... High Unreviewed
CVE-2024-54171 was published Feb 6, 2025
WhoDB allows parameter injection in DB connection URIs leading to local file inclusion High
CVE-2025-24787 was published for github.com/clidey/whodb/core (Go) Feb 6, 2025
nnsee modelorona
hkdeman
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when... High Unreviewed
CVE-2025-22867 was published Feb 6, 2025
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from... High Unreviewed
CVE-2024-36558 was published Feb 6, 2025
In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in the... High Unreviewed
CVE-2024-39033 was published Feb 6, 2025
An information disclosure vulnerability exists in the Vault API functionality of ClearML... High Unreviewed
CVE-2024-43779 was published Feb 6, 2025
Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to... High Unreviewed
CVE-2025-0994 was published Feb 6, 2025
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to... High Unreviewed
CVE-2024-36553 was published Feb 6, 2025
Due to the usage of a variable time instruction in the assembly implementation of an internal... High Unreviewed
CVE-2025-22866 was published Feb 6, 2025
Mitmweb API Authentication Bypass Using Proxy Server High
CVE-2025-23217 was published for mitmproxy (pip) Feb 6, 2025
gronke mhils
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by... High Unreviewed
CVE-2022-31764 was published Feb 6, 2025
Input verification vulnerability in the ExternalStorageProvider module Impact: Successful... High Unreviewed
CVE-2024-57960 was published Feb 6, 2025
Apache James vulnerable to denial of service through the use of IMAP literals High
CVE-2024-37358 was published for org.apache.james.protocols:protocols-imap (Maven) Feb 6, 2025
Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier.... High Unreviewed
CVE-2025-23236 was published Feb 6, 2025
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition... High Unreviewed
CVE-2025-20094 was published Feb 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database