Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
auth-js Vulnerable to Insecure Path Routing from Malformed User Input Low
CVE-2025-48370 was published for @supabase/auth-js (npm) May 27, 2025
kos0ng
The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up... Low Unreviewed
CVE-2025-48931 was published May 28, 2025
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even... Low Unreviewed
CVE-2025-48930 was published May 28, 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES ... Low Unreviewed
CVE-2025-2545 was published May 5, 2025
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form... Low Unreviewed
CVE-2025-3513 was published May 2, 2025
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form... Low Unreviewed
CVE-2025-3514 was published May 2, 2025
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling Low
CVE-2021-41136 was published for puma (RubyGems) Oct 12, 2021
asta12 mattiasgrenfeldt
decsecre583
Hackney fails to properly release HTTP connections to the pool Low
CVE-2025-3864 was published for hackney (Erlang) May 28, 2025
Fess has Insecure Temporary File Permissions Low
CVE-2025-48382 was published for org.codelibs.fess:fess (Maven) May 27, 2025
simei2k yusuke-koyoshi
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0,... Low Unreviewed
CVE-2025-46777 was published May 28, 2025
A exposure of sensitive system information to an unauthorized control sphere in Fortinet... Low Unreviewed
CVE-2025-24473 was published May 28, 2025
A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0... Low Unreviewed
CVE-2024-54020 was published May 28, 2025
n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC... Low Unreviewed
CVE-2025-2826 was published May 28, 2025
SCSIR has a Potential Unsound Issue in WriteSameCommand Low
CVE-2025-48756 was published for scsir (Rust) May 24, 2025
Formidable relies on hexoid to prevent guessing of filenames for untrusted executable content Low
CVE-2025-46653 was published for formidable (npm) Apr 26, 2025
qwilr-altonius diego-santacruz
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).... Low Unreviewed
CVE-2020-14797 was published May 24, 2022
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2021-2341 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:... Low Unreviewed
CVE-2020-14779 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).... Low Unreviewed
CVE-2020-14798 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).... Low Unreviewed
CVE-2020-14782 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI).... Low Unreviewed
CVE-2020-14781 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).... Low Unreviewed
CVE-2020-14796 was published May 24, 2022
memory_pages division by zero Low
CVE-2025-48754 was published for memory_pages (Rust) May 24, 2025
Process Sync has a Potential Unsound Issue in SharedMutex Low
CVE-2025-48752 was published for process-sync (Rust) May 24, 2025
process_lock has a Potential Unsound issue in unlock Low
CVE-2025-48751 was published for process_lock (Rust) May 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database