Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,514
Erlang
33
GitHub Actions
25
Go
2,215
Maven
5,000+
npm
3,873
NuGet
696
pip
3,648
Pub
12
RubyGems
913
Rust
923
Swift
38
Unreviewed advisories
All unreviewed
5,000+

272,697 advisories

Loading
gitoxide does not detect SHA-1 collision attacks Moderate
CVE-2025-31130 was published for gitoxide (Rust) Apr 4, 2025
emilazy EliahKagan
BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization Critical
CVE-2025-27520 was published for bentoml (pip) Apr 4, 2025
c2an1
A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled... Moderate Unreviewed
CVE-2025-2842 was published Apr 2, 2025
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to... High Unreviewed
CVE-2024-4877 was published Apr 3, 2025
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and... Moderate Unreviewed
CVE-2025-2786 was published Apr 2, 2025
An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously... High Unreviewed
CVE-2024-47213 was published Apr 3, 2025
In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs... Moderate Unreviewed
CVE-2024-38587 was published Jun 19, 2024
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec:... High Unreviewed
CVE-2024-35919 was published May 19, 2024
In the Linux kernel, the following vulnerability has been resolved: dma-buf: Fix NULL pointer... Moderate Unreviewed
CVE-2024-35916 was published May 19, 2024
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header... Moderate Unreviewed
CVE-2024-35973 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u-... Moderate Unreviewed
CVE-2024-35970 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: smb3: missing lock when... Moderate Unreviewed
CVE-2024-35999 was published May 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT... Critical Unreviewed
CVE-2024-34440 was published May 14, 2024
A vulnerability classified as problematic has been found in DedeCMS 5.7.114. This affects an... Moderate Unreviewed
CVE-2024-4790 was published May 14, 2024
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing... Moderate Unreviewed
CVE-2021-47130 was published Mar 15, 2024
A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000.... Moderate Unreviewed
CVE-2025-3249 was published Apr 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31407 was published Apr 4, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-31421 was published Apr 4, 2025
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an... Moderate Unreviewed
CVE-2025-3189 was published Apr 4, 2025
Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows... Moderate Unreviewed
CVE-2025-22285 was published Apr 4, 2025
Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a... Unknown Unreviewed
CVE-2025-28146 was published Apr 4, 2025
Incorrect Privilege Assignment vulnerability in Favethemes Homey allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-51800 was published Apr 4, 2025
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-2798 was published Apr 4, 2025
A vulnerability, which was classified as problematic, was found in xujiangfei admintwo 1.0. This... Moderate Unreviewed
CVE-2025-3251 was published Apr 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-31389 was published Apr 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database