GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,124
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
12,432 advisories
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-3469 was published Apr 10, 2025

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation...
Low | Unreviewed | CVE-2025-32700 was published Apr 10, 2025

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This...
Low | Unreviewed | CVE-2025-32697 was published Apr 10, 2025

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This...
Low | Unreviewed | CVE-2025-32696 was published Apr 10, 2025

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation...
Low | Unreviewed | CVE-2025-32698 was published Apr 10, 2025

SurrealDB has local file read of 2-column TSV files via analyzers
Low | GHSA-2cvj-g5r5-jrrg was published for surrealdb (Rust) Apr 10, 2025

Mattermost Fails to Enforce Proper Access Controls on `/api/v4/audits` Endpoint
Low | CVE-2025-24866 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 10, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and...
Low | Unreviewed | CVE-2025-2469 was published Apr 10, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Low | Unreviewed | CVE-2025-32205 was published Apr 10, 2025

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information...
Low | Unreviewed | CVE-2025-23378 was published Apr 10, 2025

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions...
Low | Unreviewed | CVE-2025-29989 was published Apr 10, 2025

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write...
Low | Unreviewed | CVE-2025-26479 was published Apr 10, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Low | Unreviewed | CVE-2025-31003 was published Apr 9, 2025

Shopware default newsletter opt-in settings allow for mass sign-up abuse
Low | CVE-2025-32378 was published for shopware/core (Composer) Apr 9, 2025

Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are...
Low | Unreviewed | CVE-2025-27192 was published Apr 8, 2025

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This...
Low | Unreviewed | CVE-2025-3416 was published Apr 8, 2025

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an...
Low | Unreviewed | CVE-2025-27443 was published Apr 8, 2025

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79]...
Low | Unreviewed | CVE-2025-22855 was published Apr 8, 2025

A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1...
Low | Unreviewed | CVE-2024-32122 was published Apr 8, 2025

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...
Low | Unreviewed | CVE-2024-50565 was published Apr 8, 2025

Pimcore's Admin Classic Bundle allows HTML Injection
Low | CVE-2025-30166 was published for pimcore/admin-ui-classic-bundle (Composer) Apr 8, 2025

Tokio broadcast channel calls clone in parallel, but does not require `Sync`
Low | GHSA-rr8g-9fpq-6wmg was published for tokio (Rust) Apr 7, 2025

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long...
Low | Unreviewed | CVE-2025-3360 was published Apr 7, 2025

Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to...
Low | Unreviewed | CVE-2025-27686 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-22842 was published Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API.