GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
104,444 advisories
CVE-2023-47802 (High, Unreviewed), published Mar 4, 2025: A vulnerability regarding improper neutralization of special elements used in an OS command ('OS...
CVE-2024-41147 (High, Unreviewed), published Mar 4, 2025: An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality...
CVE-2024-10930 (High, Unreviewed), published Mar 4, 2025: An Uncontrolled Search Path Element vulnerability exists which could allow a malicious actor to...
CVE-2025-1424 (High, Unreviewed), published Mar 4, 2025: A privilege escalation vulnerability in PocketBook InkPad Color 3 allows attackers to escalate to...
CVE-2025-23368 (High), published for org.wildfly.core:wildfly-elytron-integration (Maven), Mar 4, 2025: Wildfly Elytron integration susceptible to brute force attacks via CLI
CVE-2022-49275 (High, Unreviewed), published Mar 4, 2025: In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_tx_handler...
CVE-2022-49196 (High, Unreviewed), published Mar 4, 2025: In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix use...
CVE-2022-49182 (High, Unreviewed), published Mar 4, 2025: In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list...
CVE-2022-49114 (High, Unreviewed), published Mar 4, 2025: In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after...
CVE-2024-9149 (High, Unreviewed), published Mar 4, 2025: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
CVE-2024-50705 (High, Unreviewed), published Mar 4, 2025: Unauthenticated reflected cross-site scripting (XSS) in Uniguest Tripleplay before 24.2.1 allows...
CVE-2025-1943 (High, Unreviewed), published Mar 4, 2025: Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence...
CVE-2025-1940 (High, Unreviewed), published Mar 4, 2025: A select option could partially obscure the confirmation prompt shown before launching external...
CVE-2025-1933 (High, Unreviewed), published Mar 4, 2025: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over...
CVE-2025-1930 (High, Unreviewed), published Mar 4, 2025: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger...
CVE-2025-22226 (High, Unreviewed), published Mar 4, 2025: VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an...
CVE-2025-22225 (High, Unreviewed), published Mar 4, 2025: VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within...
CVE-2024-48248 (High, Unreviewed), published Mar 4, 2025: NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files...
CVE-2024-58043 (High, Unreviewed), published Mar 4, 2025: Permission bypass vulnerability in the window module Impact: Successful exploitation of this...
CVE-2024-58044 (High, Unreviewed), published Mar 4, 2025: Permission verification bypass vulnerability in the notification module Impact: Successful...
CVE-2024-58045 (High, Unreviewed), published Mar 4, 2025: Multi-concurrency vulnerability in the media digital copyright protection module Impact:...
CVE-2025-1306 (High, Unreviewed), published Mar 4, 2025: The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
CVE-2025-0360 (High, Unreviewed), published Mar 4, 2025: During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a...
CVE-2025-0359 (High, Unreviewed), published Mar 4, 2025: During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a...
CVE-2025-1639 (High, Unreviewed), published Mar 4, 2025: The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized...
ProTip! Advisories are also available from the GraphQL API.