Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,558 advisories

Loading
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting... Low Unreviewed
CVE-2025-1540 was published Mar 6, 2025
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition... Low Unreviewed
CVE-2025-1939 was published Mar 4, 2025
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU... Low Unreviewed
CVE-2024-47896 was published Feb 22, 2025
A SQL injection vulnerability in the ConvertForms component versions 1.0.0-1.0.0 - 4.4.9 for... Low Unreviewed
CVE-2025-22212 was published Mar 5, 2025
Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak... Low Unreviewed
CVE-2024-11035 was published Mar 5, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed
CVE-2025-1879 was published Mar 3, 2025
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by... Low Unreviewed
CVE-2025-1953 was published Mar 4, 2025
Magento Open Source allows Cross-Site Scripting (XSS) Low
CVE-2023-38219 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows Incorrect Authorization Low
CVE-2023-29296 was published for magento/community-edition (Composer) Jun 15, 2023
Magento Open Source allows XML Injection Low
CVE-2023-38207 was published for magento/community-edition (Composer) Aug 9, 2023
Magento Open Source allows Cross-Site Scripting (XSS) Low
CVE-2023-22249 was published for magento/community-edition (Composer) Jul 6, 2023
Magento Open Source has Business Logic Errors Vulnerability Low
CVE-2023-29294 was published for magento/community-edition (Composer) Jun 15, 2023
Magento Open Source allows Incorrect Authorization Low
CVE-2023-29295 was published for magento/community-edition (Composer) Jun 15, 2023
Magento Open Source affected by Improper Input Validation Low
CVE-2023-29293 was published for magento/community-edition (Composer) Jun 15, 2023
URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+ Low
CVE-2025-27221 was published for uri (RubyGems) Mar 3, 2025
john-halderman
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API... Low Unreviewed
CVE-2024-47259 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22443 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-22835 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer... Low Unreviewed
CVE-2025-22837 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Low Unreviewed
CVE-2025-23234 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-23418 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23240 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23414 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23409 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23420 was published Mar 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database