Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-25217 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed
CVE-2025-21082 was published Jun 8, 2025
Sentry's Python SDK unintentionally exposes environment variables to subprocesses Low
CVE-2024-40647 was published for sentry-sdk (pip) Jul 18, 2024
kmichel-aiven cgurnik
SpiceDB checks involving relations with caveats can result in no permission when permission is expected Low
CVE-2025-49011 was published for github.com/authzed/spicedb (Go) Jun 6, 2025
miparnisari
A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If... Low Unreviewed
CVE-2024-50406 was published Jun 6, 2025
A use of externally-controlled format string vulnerability has been reported to affect Qsync... Low Unreviewed
CVE-2025-22482 was published Jun 6, 2025
A command injection vulnerability has been reported to affect QHora. If an attacker gains local... Low Unreviewed
CVE-2024-13087 was published Jun 6, 2025
DevExpress before 23.1.3 allows arbitrary TypeConverter conversion. Low Unreviewed
CVE-2023-35816 was published Apr 28, 2025
A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects... Low Unreviewed
CVE-2025-5641 was published Jun 5, 2025
A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability... Low Unreviewed
CVE-2025-5646 was published Jun 5, 2025
A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the... Low Unreviewed
CVE-2025-5642 was published Jun 5, 2025
A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this... Low Unreviewed
CVE-2025-5643 was published Jun 5, 2025
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is... Low Unreviewed
CVE-2025-5648 was published Jun 5, 2025
A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected... Low Unreviewed
CVE-2025-5644 was published Jun 5, 2025
A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects... Low Unreviewed
CVE-2025-5645 was published Jun 5, 2025
A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the... Low Unreviewed
CVE-2025-5647 was published Jun 5, 2025
anon-vec lacks sufficient checks in public API Low
GHSA-pr59-jjr4-gcf6 was published for anon-vec (Rust) Jun 5, 2025
Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution Low
CVE-2025-5321 was published for aim (pip) May 29, 2025
In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior,... Low Unreviewed
CVE-2020-14477 was published May 24, 2022
Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system... Low Unreviewed
CVE-2020-12023 was published May 24, 2022
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not... Low Unreviewed
CVE-2020-14525 was published May 24, 2022
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly... Low Unreviewed
CVE-2020-16241 was published May 24, 2022
Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not... Low Unreviewed
CVE-2020-16237 was published May 24, 2022
Gradio CORS Origin Validation Bypass Vulnerability Low
CVE-2025-5320 was published for gradio (pip) May 29, 2025
Spring Cloud Contract vulnerable to local information disclosure Low
CVE-2024-22236 was published for org.springframework.cloud:spring-cloud-contract-shade (Maven) Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database