Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,449 advisories

Loading
DevDojo Voyager vulnerable to reflected Cross-site Scripting Low
CVE-2024-55416 was published for tcg/voyager (Composer) Jan 30, 2025
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining... Low Unreviewed
CVE-2024-57965 was published Jan 29, 2025
Potential DoS when using ContextLines integration Low
GHSA-r5w7-f542-q2j4 was published for @sentry/astro (npm) Jan 28, 2025
mstrokin
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker... Low Unreviewed
CVE-2024-0149 was published Jan 28, 2025
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7... Low Unreviewed
CVE-2025-24100 was published Jan 28, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3,... Low Unreviewed
CVE-2025-24121 was published Jan 28, 2025
An authentication issue was addressed with improved state management. This issue is fixed in iOS... Low Unreviewed
CVE-2025-24141 was published Jan 28, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-24145 was published Jan 28, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-44172 was published Jan 28, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-54475 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2024-54516 was published Jan 28, 2025
A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows... Low Unreviewed
CVE-2025-0733 was published Jan 27, 2025
A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on... Low Unreviewed
CVE-2025-0732 was published Jan 27, 2025
Dolibarr Cross-site Scripting vulnerability Low
CVE-2024-55228 was published for dolibarr/dolibarr (Composer) Jan 27, 2025
Dolibarr Cross-site Scripting vulnerability Low
CVE-2024-55227 was published for dolibarr/dolibarr (Composer) Jan 27, 2025
Apache Cocoon vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator Low
CVE-2025-24783 was published for org.apache.cocoon:cocoon-forms-impl (Maven) Jan 27, 2025
The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-13116 was published Jan 27, 2025
An improper privilege management vulnerability in OTRS Generic Interface module allows change of... Low Unreviewed
CVE-2024-43446 was published Jan 27, 2025
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could... Low Unreviewed
CVE-2024-28766 was published Jan 27, 2025
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &... Low Unreviewed
CVE-2024-13450 was published Jan 25, 2025
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an... Low Unreviewed
CVE-2024-35122 was published Jan 24, 2025
Directus has a DOM-Based cross-site scripting (XSS) via layout_options Low
GHSA-9qrm-48qf-r2rw was published for directus (npm) Jan 23, 2025
ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the... Low Unreviewed
CVE-2024-52328 was published Jan 23, 2025
Reflected Cross Site Scripting (XSS) in error message Low
GHSA-74j9-xhqr-6qv3 was published for silverstripe/framework (Composer) Jan 23, 2025
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It... Low Unreviewed
CVE-2024-42183 was published Jan 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database