Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-27534 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22452 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-24304 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-25057 was published Apr 7, 2025
A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3... Low Unreviewed
CVE-2025-3329 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-20102 was published Apr 7, 2025
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR... Low Unreviewed
CVE-2025-32366 was published Apr 7, 2025
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user... Low Unreviewed
CVE-2024-42208 was published Apr 4, 2025
React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button Low
CVE-2025-3191 was published for react-draft-wysiwyg (npm) Apr 4, 2025
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability... Low Unreviewed
CVE-2025-3177 was published Apr 3, 2025
A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by... Low Unreviewed
CVE-2025-3169 was published Apr 3, 2025
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file Low Unreviewed
CVE-2025-32054 was published Apr 3, 2025
Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol... Low Unreviewed
CVE-2025-29991 was published Apr 3, 2025
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value... Low Unreviewed
CVE-2025-3154 was published Apr 3, 2025
A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this... Low Unreviewed
CVE-2025-3122 was published Apr 3, 2025
Next.js may leak x-middleware-subrequest-id to external hosts Low
CVE-2025-30218 was published for next (npm) Apr 2, 2025
Ry0taK takumi-san-ai
A broken access control vulnerability previously discovered in the Trend Vision One Role Name... Low Unreviewed
CVE-2025-31285 was published Apr 2, 2025
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed
CVE-2025-31286 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One Status... Low Unreviewed
CVE-2025-31284 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Account... Low Unreviewed
CVE-2025-31282 was published Apr 2, 2025
A broken access control vulnerability previously discovered in the Trend Vision One User Roles... Low Unreviewed
CVE-2025-31283 was published Apr 2, 2025
PyO3 Risk of buffer overflow in `PyString::from_object` Low
GHSA-pph8-gcv7-4qj5 was published for pyo3 (Rust) Apr 2, 2025
Execution time for an unsuccessful login differs when using a non-existing username compared to... Low Unreviewed
CVE-2024-36469 was published Apr 2, 2025
Zabbix API user.get returns all users that share common group with the calling user. This... Low Unreviewed
CVE-2024-42325 was published Apr 2, 2025
A user authorized to access a view may be able to alter the intended collation, allowing them to... Low Unreviewed
CVE-2025-3082 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database