GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,150
Maven: 5,000+
npm: 3,815
NuGet: 690
pip: 3,490
Pub: 12
RubyGems: 902
Rust: 900
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
104,365 advisories
Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows...
High
Unreviewed
CVE-2024-7872 was published Mar 6, 2025
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local...
High
Unreviewed
CVE-2025-20931 was published Mar 6, 2025
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows)...
High
Unreviewed
CVE-2025-24864 was published Mar 6, 2025
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows)...
High
Unreviewed
CVE-2025-22447 was published Mar 6, 2025
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local...
High
Unreviewed
CVE-2025-20903 was published Mar 6, 2025
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows...
High
Unreviewed
CVE-2025-20929 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for...
High
Unreviewed
CVE-2022-49411 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif...
High
Unreviewed
CVE-2022-49489 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator...
High
Unreviewed
CVE-2022-49694 was published Mar 6, 2025
Emissary May Use a Broken or Risky Cryptographic Algorithm
High
CVE-2025-27508 was published for gov.nsa.emissary:emissary (Maven) Mar 5, 2025
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an...
High
Unreviewed
CVE-2025-2003 was published Mar 5, 2025
Spacy-LLM Server-Side Template Injection (SSTI) vulnerability
High
CVE-2025-25362 was published for spacy-llm (pip) Mar 5, 2025
dmlc/dgl Vulnerable to Remote Code Execution by Pickle Deserialization via rpc.recv_request()
High
GHSA-3x5x-fw77-g54c was published for dgl (pip) Mar 5, 2025
OpenDJ Denial of Service (DoS) using alias loop
High
CVE-2025-27497 was published for org.openidentityplatform.opendj:opendj-server-legacy (Maven) Mar 5, 2025
Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing...
High
Unreviewed
CVE-2024-53458 was published Mar 5, 2025
Path traversal may allow remote code execution using privileged account (requires device admin...
High
Unreviewed
CVE-2025-24494 was published Mar 5, 2025
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for...
High
Unreviewed
CVE-2025-20206 was published Mar 5, 2025
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an...
High
Unreviewed
CVE-2024-11216 was published Mar 5, 2025
The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection...
High
Unreviewed
CVE-2025-0956 was published Mar 5, 2025
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &...
High
Unreviewed
CVE-2025-1702 was published Mar 5, 2025
The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data...
High
Unreviewed
CVE-2024-13471 was published Mar 5, 2025
The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-13777 was published Mar 5, 2025
The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for...
High
Unreviewed
CVE-2024-13232 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
High
Unreviewed
CVE-2025-27669 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330...
High
Unreviewed
CVE-2025-27683 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API