Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,426 advisories

Loading
There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module.... Low Unreviewed
CVE-2025-5991 was published Jun 11, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2025-47096 was published Jun 11, 2025
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0.... Low Unreviewed
CVE-2025-22829 was published Jun 11, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF... Low Unreviewed
CVE-2025-36576 was published Jun 10, 2025
An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in... Low Unreviewed
CVE-2025-22251 was published Jun 10, 2025
An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before &... Low Unreviewed
CVE-2023-29184 was published Jun 10, 2025
The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is... Low Unreviewed
CVE-2024-3076 was published Apr 26, 2024
Under certain conditions, SAP Business Objects Business Intelligence Platform allows an... Low Unreviewed
CVE-2025-42988 was published Jun 10, 2025
Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML... Low Unreviewed
CVE-2025-42990 was published Jun 10, 2025
In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post... Low Unreviewed
CVE-2025-0036 was published Jun 10, 2025
A vulnerability has been identified in the libarchive library. This flaw can be triggered when... Low Unreviewed
CVE-2025-5918 was published Jun 9, 2025
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap... Low Unreviewed
CVE-2025-5915 was published Jun 9, 2025
A vulnerability has been identified in the libarchive library. This flaw involves an integer... Low Unreviewed
CVE-2025-5916 was published Jun 9, 2025
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one'... Low Unreviewed
CVE-2025-5917 was published Jun 9, 2025
The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not... Low Unreviewed
CVE-2024-11140 was published May 15, 2025
systemd, when updating file permissions, allows local users to change the permissions and SELinux... Low Unreviewed
CVE-2013-4392 was published May 13, 2022
Suspended Directus user can continue to use session token to access API Low
CVE-2025-30351 was published for @directus/api (npm) Mar 26, 2025
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic.... Low Unreviewed
CVE-2025-5715 was published Jun 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2025-27242 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-23235 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-26693 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Low Unreviewed
CVE-2025-27563 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed
CVE-2025-20063 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-25217 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed
CVE-2025-21082 was published Jun 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database