Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,532 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in... Moderate Unreviewed
CVE-2022-49277 was published Apr 14, 2025
In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in... Moderate Unreviewed
CVE-2022-49276 was published Apr 14, 2025
Pleezer resource exhaustion through uncollected hook script processes Moderate
CVE-2025-32439 was published for pleezer (Rust) Apr 14, 2025
MadMarcsen
A vulnerability was found in Fannuo Enterprise Content Management System 凡诺企业网站管理系统 1.1/4.0. It... Moderate Unreviewed
CVE-2025-3571 was published Apr 14, 2025
A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0. It has been classified... Moderate Unreviewed
CVE-2025-3570 was published Apr 14, 2025
A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL... Moderate Unreviewed
CVE-2025-32910 was published Apr 14, 2025
A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0 and classified as... Moderate Unreviewed
CVE-2025-3569 was published Apr 14, 2025
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference... Moderate Unreviewed
CVE-2025-32909 was published Apr 14, 2025
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7... Moderate Unreviewed
CVE-2024-49825 was published Apr 14, 2025
A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-3568 was published Apr 14, 2025
A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference.... Moderate Unreviewed
CVE-2025-32912 was published Apr 14, 2025
Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm Moderate
CVE-2025-2475 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 14, 2025
kbsteere
A vulnerability, which was classified as critical, has been found in veal98 小牛肉 Echo 开源社区系统 4.2.... Moderate Unreviewed
CVE-2025-3566 was published Apr 14, 2025
A vulnerability, which was classified as problematic, was found in veal98 小牛肉 Echo 开源社区系统 4.2.... Moderate Unreviewed
CVE-2025-3567 was published Apr 14, 2025
gorilla/csrf CSRF vulnerability due to broken Referer validation Moderate
CVE-2025-24358 was published for github.com/gorilla/csrf (Go) Apr 14, 2025
patrickod
Directus inserts access token from query string into logs Moderate
CVE-2024-47822 was published for @directus/api (npm) Apr 14, 2025
licitdev
A vulnerability classified as problematic has been found in huanfenz/code-projects StudentManager... Moderate Unreviewed
CVE-2025-3564 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-49707 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site... Moderate Unreviewed
CVE-2024-49708 was published Apr 14, 2025
A vulnerability classified as critical was found in huanfenz/code-projects StudentManager 1.0.... Moderate Unreviewed
CVE-2025-3565 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10087 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10088 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site... Moderate Unreviewed
CVE-2024-10089 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10090 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-13597 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database