GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,426 advisories
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
Low | Unreviewed | CVE-2023-28197 was published Jan 11, 2024

A path handling issue was addressed with improved validation. This issue is fixed in macOS...
Low | Unreviewed | CVE-2023-40383 was published Jan 11, 2024

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as...
Low | Unreviewed | CVE-2025-4215 was published May 2, 2025

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is...
Low | Unreviewed | CVE-2025-6199 was published Jun 17, 2025

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-42830 was published Jan 11, 2024

A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207...
Low | Unreviewed | CVE-2025-6139 was published Jun 16, 2025

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML...
Low | Unreviewed | CVE-2025-6170 was published Jun 16, 2025

Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion...
Low | Unreviewed | CVE-2024-38822 was published Jun 13, 2025

A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow...
Low | Unreviewed | CVE-2025-24388 was published Jun 16, 2025

A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic...
Low | Unreviewed | CVE-2025-6107 was published Jun 16, 2025

PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to...
Low | Unreviewed | CVE-2025-21085 was published Jun 15, 2025

handcraftedinthealps/goodby-csv has Potential Gadget Chain allowing Remote Code Execution
Low | CVE-2025-49597 was published for handcraftedinthealps/goodby-csv (Composer) Jun 13, 2025

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is...
Low | Unreviewed | CVE-2025-6052 was published Jun 13, 2025

Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.
Low | Unreviewed | CVE-2024-38823 was published Jun 13, 2025

Information exposure in Next.js dev server due to lack of origin verification
Low | CVE-2025-48068 was published for next (npm) May 28, 2025

RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less...
Low | Unreviewed | CVE-2025-48825 was published Jun 13, 2025

Vantage6 Server JWT secret not cryptographically secure
Low | CVE-2025-43866 was published for vantage6-server (pip) Jun 12, 2025

vantage6 lacks brute-force protection on change password functionality
Low | CVE-2025-43863 was published for vantage6 (pip) Jun 12, 2025

An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11...
Low | Unreviewed | CVE-2025-5982 was published Jun 12, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Low | Unreviewed | CVE-2023-22113 was published Oct 18, 2023

The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be...
Low | Unreviewed | CVE-2025-49198 was published Jun 12, 2025

brace-expansion Regular Expression Denial of Service vulnerability
Low | CVE-2025-5889 was published for brace-expansion (npm) Jun 9, 2025

Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could...
Low | Unreviewed | CVE-2025-1698 was published Jun 11, 2025

An incorrect default permissions vulnerability was reported in the MotoSignature application that...
Low | Unreviewed | CVE-2025-1699 was published Jun 11, 2025

Mattermost allows guest users to view information about public teams they are not members of
Low | CVE-2025-4128 was published for github.com/mattermost/mattermost-server (Go) Jun 11, 2025

ProTip! Advisories are also available from the GraphQL API.