Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

123,312 advisories

Loading
Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute... Moderate Unreviewed
CVE-2024-57599 was published Feb 6, 2025
Withdrawn Advisory: Sylius allows unrestricted brute-force attacks on user accounts Moderate
CVE-2024-57610 was published for sylius/sylius (Composer) Feb 6, 2025 withdrawn
GSadee
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security... Moderate Unreviewed
CVE-2024-13614 was published Feb 6, 2025
A Stored Cross-Site Scripting (Stored XSS) vulnerability has been found in the Holded application... Moderate Unreviewed
CVE-2025-1076 was published Feb 6, 2025
A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected... Moderate Unreviewed
CVE-2025-1074 was published Feb 6, 2025
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server... Moderate Unreviewed
CVE-2024-24911 was published Feb 6, 2025
Vulnerability of incomplete verification information in the VPN service module Impact: Successful... Moderate Unreviewed
CVE-2024-57962 was published Feb 6, 2025
Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57959 was published Feb 6, 2025
Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57958 was published Feb 6, 2025
Vulnerability of improper log information control in the UI framework module Impact: Successful... Moderate Unreviewed
CVE-2024-57957 was published Feb 6, 2025
Permission verification vulnerability in the media library module Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-57954 was published Feb 6, 2025
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57955 was published Feb 6, 2025
Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57961 was published Feb 6, 2025
Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-12602 was published Feb 6, 2025
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is... Moderate Unreviewed
CVE-2025-0859 was published Feb 6, 2025
Apache James vulnerable to denial of service through JMAP HTML to text conversion Moderate
CVE-2024-45626 was published for org.apache.james:james-server-jmap-draft (Maven) Feb 6, 2025
Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists... Moderate Unreviewed
CVE-2025-24845 was published Feb 6, 2025
NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and... Moderate Unreviewed
CVE-2025-24483 was published Feb 6, 2025
Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x... Moderate Unreviewed
CVE-2025-22890 was published Feb 6, 2025
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition... Moderate Unreviewed
CVE-2025-22894 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed
CVE-2024-49794 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49792 was published Feb 6, 2025
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed
CVE-2024-49800 was published Feb 6, 2025
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed
CVE-2024-49798 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49791 was published Feb 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database