Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
Vyper's `slice()` may elide side-effects when output length is 0 Low
CVE-2025-47774 was published for vyper (pip) May 16, 2025
th3anatomist
Vyper's `concat()` builtin may elide side-effects for zero-length arguments Low
CVE-2025-47285 was published for vyper (pip) May 16, 2025
th3anatomist
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By... Low Unreviewed
CVE-2025-40631 was published May 16, 2025
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability... Low Unreviewed
CVE-2025-40632 was published May 16, 2025
The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not... Low Unreviewed
CVE-2024-11140 was published May 15, 2025
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the... Low Unreviewed
CVE-2024-10098 was published May 15, 2025
Mattermost Fails to Check User Access to `ExperimentalSettings` Low
CVE-2025-2570 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
undici Denial of Service attack via bad certificate data Low
CVE-2025-47279 was published for undici (npm) May 15, 2025
styfle mcollina
Next.js Race Condition to Cache Poisoning Low
CVE-2025-32421 was published for next (npm) May 15, 2025
cold-try
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed
CVE-2025-4762 was published May 15, 2025
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager... Low Unreviewed
CVE-2025-27525 was published May 15, 2025
Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not... Low Unreviewed
CVE-2025-0138 was published May 14, 2025
Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Low Unreviewed
CVE-2025-20616 was published May 13, 2025
Protection mechanism failure for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Low Unreviewed
CVE-2025-21081 was published May 13, 2025
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may... Low Unreviewed
CVE-2025-20076 was published May 13, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-20030 was published May 13, 2025
Flask uses fallback key instead of current signing key Low
CVE-2025-47278 was published for flask (pip) May 13, 2025
jayaddison Brax94
Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow Low
CVE-2025-47280 was published for Umbraco.Forms (NuGet) May 13, 2025
sudo-rs Allows Low Privilege Users to Enumerate Privileges of Others Low
CVE-2025-46718 was published for sudo-rs (Rust) May 13, 2025
zonia3000 squell
bjorn3
Kirby vulnerable to path traversal in the router for PHP's built-in server Low
CVE-2025-30207 was published for getkirby/cms (Composer) May 13, 2025
An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7... Low Unreviewed
CVE-2024-35281 was published May 13, 2025
Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore... Low Unreviewed
CVE-2024-12533 was published May 13, 2025
sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders Low
CVE-2025-46717 was published for sudo-rs (Rust) May 13, 2025
squell rnijveld
A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4... Low Unreviewed
CVE-2025-40571 was published May 13, 2025
Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key... Low Unreviewed
CVE-2025-22246 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database