GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
123,361 advisories
A vulnerability, which was classified as problematic, has been found in code-projects Police FIR...
Moderate, Unreviewed. CVE-2025-1164 was published Feb 11, 2025

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as...
Moderate, Unreviewed. CVE-2025-1160 was published Feb 11, 2025

A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This...
Moderate, Unreviewed. CVE-2025-1162 was published Feb 11, 2025

A vulnerability classified as critical was found in code-projects Vehicle Parking Management...
Moderate, Unreviewed. CVE-2025-1163 was published Feb 11, 2025

A vulnerability was found in ESAFENET CDG 5.6.3.154.205_20250114. It has been classified as...
Moderate, Unreviewed. CVE-2025-1158 was published Feb 11, 2025

A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as...
Moderate, Unreviewed. CVE-2025-1159 was published Feb 11, 2025

Hickory DNS failure to verify self-signed RRSIG for DNSKEYs
Moderate. GHSA-v7pc-74h8-xq2h was published for hickory-proto (Rust) Feb 10, 2025

A vulnerability was found in Allims lab.online up to 20250201 and classified as critical. This...
Moderate, Unreviewed. CVE-2025-1157 was published Feb 10, 2025

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This...
Moderate, Unreviewed. CVE-2025-1155 was published Feb 10, 2025

MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's...
Moderate, Unreviewed. CVE-2025-1002 was published Feb 10, 2025

An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020. By sending a specially...
Moderate, Unreviewed. CVE-2024-57178 was published Feb 10, 2025

A vulnerability, which was classified as critical, has been found in xxyopen Novel up to 3.4.1....
Moderate, Unreviewed. CVE-2025-1154 was published Feb 10, 2025

A vulnerability has been found in Pix Software Vivaz 6.0.10 and classified as critical. This...
Moderate, Unreviewed. CVE-2025-1156 was published Feb 10, 2025

A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2....
Moderate, Unreviewed. CVE-2024-57177 was published Feb 10, 2025

A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an...
Moderate, Unreviewed. CVE-2024-46435 was published Feb 10, 2025

Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web...
Moderate, Unreviewed. CVE-2024-46431 was published Feb 10, 2025

The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in...
Moderate, Unreviewed. CVE-2024-13010 was published Feb 10, 2025

Authentication Bypass by Spoofing in OPC UA .NET Standard Stack
Moderate. CVE-2024-42513 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Feb 10, 2025

wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability...
Moderate, Unreviewed. CVE-2024-10649 was published Feb 10, 2025

Server-Side Request Forgery (SSRF) in activitypub_federation
Moderate. CVE-2025-25194 was published for activitypub_federation (Rust) Feb 10, 2025

Stored XSS in REDAXO
Moderate. CVE-2024-13209 was published for redaxo/source (Composer) Feb 10, 2025

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a...
Moderate, Unreviewed. CVE-2024-12133 was published Feb 10, 2025

Cross-site Scripting (XSS) in serialize-javascript
Moderate. CVE-2024-11831 was published for serialize-javascript (npm) Feb 10, 2025

A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java...
Moderate, Unreviewed. CVE-2024-57409 was published Feb 10, 2025

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an...
Moderate, Unreviewed. CVE-2024-12243 was published Feb 10, 2025
ProTip! Advisories are also available from the GraphQL API.