Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
Symfony has an incorrect response from Validator when input ends with `\n` Low
CVE-2024-50343 was published for symfony/symfony (Composer) Nov 6, 2024
offscriptian alexandre-daubois
Ansible-Core vulnerable to content protections bypass Low
CVE-2024-11079 was published for ansible-core (pip) Nov 12, 2024
arvindshmicrosoft
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer... Low Unreviewed
CVE-2024-12014 was published Dec 20, 2024
HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts... Low Unreviewed
CVE-2024-42175 was published Jan 11, 2025
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
A vulnerability, which was classified as critical, has been found in MaxD Lightning Module 4.43... Low Unreviewed
CVE-2025-0974 was published Feb 3, 2025
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... Low Unreviewed
CVE-2024-50560 was published Nov 12, 2024
Keycloak allows cross-site scripting (XSS) Low
CVE-2024-4028 was published for org.keycloak:keycloak-core (Maven) Feb 18, 2025
Magento Open Source affected by Improper Input Validation Low
CVE-2023-29293 was published for magento/community-edition (Composer) Jun 15, 2023
Jenkins affected by Open Redirect Vulnerability Low
CVE-2012-6073 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins Vulnerable to Denial of Service (DoS) Low
CVE-2015-1808 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment Low
CVE-2025-29923 was published for github.com/redis/go-redis/v9 (Go) Mar 20, 2025
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS)... Low Unreviewed
CVE-2005-3055 was published May 1, 2022
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI... Low Unreviewed
CVE-2006-2920 was published May 1, 2022
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user... Low Unreviewed
CVE-2006-4842 was published May 1, 2022
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12... Low Unreviewed
CVE-2006-5793 was published May 1, 2022
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2... Low Unreviewed
CVE-2007-2509 was published May 1, 2022
Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service... Low Unreviewed
CVE-2007-5040 was published May 1, 2022
Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service... Low Unreviewed
CVE-2007-5039 was published May 1, 2022
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set... Low Unreviewed
CVE-2008-1294 was published May 1, 2022
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux... Low Unreviewed
CVE-2008-3889 was published May 2, 2022
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus)... Low Unreviewed
CVE-2009-1189 was published May 2, 2022
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1... Low Unreviewed
CVE-2010-0547 was published May 2, 2022
The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all... Low Unreviewed
CVE-2011-0685 was published May 17, 2022
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 ... Low Unreviewed
CVE-2011-0463 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database