Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

103,168 advisories

Loading
Contrast's unauthenticated recovery allows Coordinator impersonation High
GHSA-vqv5-385r-2hf8 was published for github.com/edgelesssys/contrast (Go) Feb 5, 2025
3u13r burgerdev
katexochen
MobSF Local Privilege Escalation High
CVE-2025-24805 was published for mobsf (pip) Feb 5, 2025
MobSF Partial Denial of Service (DoS) High
CVE-2025-24804 was published for mobsf (pip) Feb 5, 2025
MobSF Stored Cross-Site Scripting (XSS) High
CVE-2025-24803 was published for mobsf (pip) Feb 5, 2025
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint... High Unreviewed
CVE-2025-22891 was published Feb 5, 2025
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in... High Unreviewed
CVE-2025-21091 was published Feb 5, 2025
When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can... High Unreviewed
CVE-2025-20058 was published Feb 5, 2025
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is... High Unreviewed
CVE-2025-24312 was published Feb 5, 2025
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing... High Unreviewed
CVE-2025-21087 was published Feb 5, 2025
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central... High Unreviewed
CVE-2025-24319 was published Feb 5, 2025
When running in Appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2025-23239 was published Feb 5, 2025
When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server,... High Unreviewed
CVE-2025-22846 was published Feb 5, 2025
When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause... High Unreviewed
CVE-2025-23412 was published Feb 5, 2025
Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command... High Unreviewed
CVE-2025-20029 was published Feb 5, 2025
When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP... High Unreviewed
CVE-2025-20045 was published Feb 5, 2025
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS... High Unreviewed
CVE-2024-56135 was published Feb 5, 2025
When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured,... High Unreviewed
CVE-2025-24326 was published Feb 5, 2025
When URL categorization is configured on a virtual server, undisclosed requests can cause TMM to... High Unreviewed
CVE-2025-24497 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS... High Unreviewed
CVE-2025-20172 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow... High Unreviewed
CVE-2025-20171 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow... High Unreviewed
CVE-2025-20170 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow... High Unreviewed
CVE-2025-20173 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow... High Unreviewed
CVE-2025-20169 was published Feb 5, 2025
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow... High Unreviewed
CVE-2025-20174 was published Feb 5, 2025
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS... High Unreviewed
CVE-2024-56131 was published Feb 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database