GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,350
Erlang: 31
GitHub Actions: 22
Go: 2,119
Maven: 5,000+
npm: 3,771
NuGet: 680
pip: 3,459
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
95,627 advisories
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle...
High
Unreviewed
CVE-2024-47258
was published
Feb 6, 2025
IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing...
High
Unreviewed
CVE-2024-54171
was published
Feb 6, 2025
Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to...
High
Unreviewed
CVE-2025-0994
was published
Feb 6, 2025
An information disclosure vulnerability exists in the Vault API functionality of ClearML...
High
Unreviewed
CVE-2024-43779
was published
Feb 6, 2025
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by...
High
Unreviewed
CVE-2022-31764
was published
Feb 6, 2025
Input verification vulnerability in the ExternalStorageProvider module. Impact: Successful...
High
Unreviewed
CVE-2024-57960
was published
Feb 6, 2025
Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier....
High
Unreviewed
CVE-2025-23236
was published
Feb 6, 2025
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition...
High
Unreviewed
CVE-2025-20094
was published
Feb 6, 2025
The CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run...
High
Unreviewed
CVE-2024-13487
was published
Feb 6, 2025
IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated...
High
Unreviewed
CVE-2024-49814
was published
Feb 6, 2025
A prototype pollution in the lib.Logger function of eazy-logger v4.0.1 allows attackers to cause...
High
Unreviewed
CVE-2024-57075
was published
Feb 6, 2025
A prototype pollution in the lib.deepMerge function of @zag-js/core v0.50.0 allows attackers to...
High
Unreviewed
CVE-2024-57079
was published
Feb 6, 2025
A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a...
High
Unreviewed
CVE-2024-57074
was published
Feb 6, 2025
A prototype pollution in the lib.fromQuery function of underscore-contrib v0.3.0 allows attackers...
High
Unreviewed
CVE-2024-57081
was published
Feb 6, 2025
A prototype pollution in the lib.createUploader function of @rpldy/uploader v1.8.1 allows...
High
Unreviewed
CVE-2024-57082
was published
Feb 6, 2025
A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers...
High
Unreviewed
CVE-2024-57085
was published
Feb 6, 2025
A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a...
High
Unreviewed
CVE-2024-57076
was published
Feb 6, 2025
A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a...
High
Unreviewed
CVE-2024-57078
was published
Feb 6, 2025
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause...
High
Unreviewed
CVE-2024-57080
was published
Feb 6, 2025
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows...
High
Unreviewed
CVE-2024-57086
was published
Feb 6, 2025
A prototype pollution in the lib.mutateMergeDeep function of @tanstack/form-core v0.35.0 allows...
High
Unreviewed
CVE-2024-57068
was published
Feb 6, 2025
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause...
High
Unreviewed
CVE-2024-57063
was published
Feb 6, 2025
A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows...
High
Unreviewed
CVE-2024-57064
was published
Feb 6, 2025
A prototype pollution in the lib.combine function of php-parser v3.2.1 allows attackers to cause...
High
Unreviewed
CVE-2024-57071
was published
Feb 6, 2025
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the...
High
Unreviewed
CVE-2024-48394
was published
Feb 6, 2025
ProTip! Advisories are also available from the GraphQL API.