Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,534 advisories

Loading
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-30697 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30684 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30689 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30687 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30688 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30685 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-30693 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported... Moderate Unreviewed
CVE-2025-30696 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). ... Moderate Unreviewed
CVE-2025-30699 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-30695 was published Apr 15, 2025
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2025-30692 was published Apr 15, 2025
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are... Moderate Unreviewed
CVE-2025-30691 was published Apr 15, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-30698 was published Apr 15, 2025
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2025-21582 was published Apr 15, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21586 was published Apr 15, 2025
An attacker can change registered email addresses of other users and take over arbitrary accounts. Moderate Unreviewed
CVE-2025-27939 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-21588 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2025-21584 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21585 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30682 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Moderate Unreviewed
CVE-2025-30683 was published Apr 15, 2025
An unauthenticated attacker can infer the existence of usernames in the system by querying an API. Moderate Unreviewed
CVE-2025-24487 was published Apr 15, 2025
Unauthenticated attackers can obtain restricted information about a user's smart device... Moderate Unreviewed
CVE-2025-27938 was published Apr 15, 2025
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email... Moderate Unreviewed
CVE-2025-27568 was published Apr 15, 2025
An unauthenticated attacker can obtain a serial number of a smart meter(s) using its owner's... Moderate Unreviewed
CVE-2025-30254 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database