Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,770
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,951 advisories

Loading
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security... Moderate Unreviewed
CVE-2024-13614 was published Feb 6, 2025
A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and... Moderate Unreviewed
CVE-2025-1078 was published Feb 6, 2025
PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS).... Moderate Unreviewed
CVE-2024-57427 was published Feb 6, 2025
Vulnerability of incomplete verification information in the VPN service module Impact: Successful... Moderate Unreviewed
CVE-2024-57962 was published Feb 6, 2025
A Stored Cross-Site Scripting (Stored XSS) vulnerability has been found in the Holded application... Moderate Unreviewed
CVE-2025-1076 was published Feb 6, 2025
A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected... Moderate Unreviewed
CVE-2025-1074 was published Feb 6, 2025
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server... Moderate Unreviewed
CVE-2024-24911 was published Feb 6, 2025
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57955 was published Feb 6, 2025
Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-12602 was published Feb 6, 2025
Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57959 was published Feb 6, 2025
Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57961 was published Feb 6, 2025
Vulnerability of improper log information control in the UI framework module Impact: Successful... Moderate Unreviewed
CVE-2024-57957 was published Feb 6, 2025
Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57958 was published Feb 6, 2025
Permission verification vulnerability in the media library module Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-57954 was published Feb 6, 2025
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is... Moderate Unreviewed
CVE-2025-0859 was published Feb 6, 2025
NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and... Moderate Unreviewed
CVE-2025-24483 was published Feb 6, 2025
Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists... Moderate Unreviewed
CVE-2025-24845 was published Feb 6, 2025
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition... Moderate Unreviewed
CVE-2025-22894 was published Feb 6, 2025
Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x... Moderate Unreviewed
CVE-2025-22890 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49791 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an... Moderate Unreviewed
CVE-2024-38316 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56471 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed
CVE-2024-56473 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49792 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed
CVE-2024-56472 was published Feb 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database