Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,887 advisories

Loading
7-Zip through 24.09 does not report an error for certain invalid xz files, involving block flags... Low Unreviewed
CVE-2022-47111 was published Apr 19, 2025
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro... Low Unreviewed
CVE-2025-25983 was published Apr 18, 2025
An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302... Low Unreviewed
CVE-2025-25985 was published Apr 18, 2025
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated... Low Unreviewed
CVE-2024-42178 was published Apr 18, 2025
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities.... Low Unreviewed
CVE-2024-42177 was published Apr 17, 2025
DragonflyDB Dragonfly through 1.28.2 allows authenticated users to cause a denial of service ... Low Unreviewed
CVE-2025-26269 was published Apr 17, 2025
DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service ... Low Unreviewed
CVE-2025-26268 was published Apr 17, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has... Low Unreviewed
CVE-2025-32415 was published Apr 17, 2025
In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x:... Low Unreviewed
CVE-2021-47671 was published Apr 17, 2025
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An... Low Unreviewed
CVE-2025-26478 was published Apr 17, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1523 was published Apr 17, 2025
The Icegram Express formerly known as Email Subscribers WordPress plugin before 5.7.52 does not... Low Unreviewed
CVE-2024-11924 was published Apr 17, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1524 was published Apr 17, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1525 was published Apr 17, 2025
VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as... Low Unreviewed
CVE-2025-43708 was published Apr 17, 2025
In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are... Low Unreviewed
CVE-2024-58249 was published Apr 16, 2025
nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race... Low Unreviewed
CVE-2024-58248 was published Apr 16, 2025
Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite ... Low Unreviewed
CVE-2025-30731 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Low Unreviewed
CVE-2025-30703 was published Apr 15, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable... Low Unreviewed
CVE-2025-30700 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Low Unreviewed
CVE-2025-30681 was published Apr 15, 2025
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling... Low Unreviewed
CVE-2024-42193 was published Apr 15, 2025
The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files... Low Unreviewed
CVE-2025-32943 was published Apr 15, 2025
SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The... Low Unreviewed
CVE-2024-45712 was published Apr 15, 2025
IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into... Low Unreviewed
CVE-2023-27272 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database