GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

111,620 advisories

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized...
High, Unreviewed. CVE-2025-21385 was published Jan 10, 2025

Vaultwarden vulnerable to user impersonation
High. CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025

Vulnerability in Drupal Allow All File Extensions for file fields. This issue affects Allow All...
High, Unreviewed. CVE-2024-13311 was published Jan 9, 2025

Smart Toilet Lab - Motius 1.3.11 is running with debug mode turned on (DEBUG = True) and exposing...
High, Unreviewed. CVE-2024-56113 was published Jan 9, 2025

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')...
High, Unreviewed. CVE-2024-13267 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request...
High, Unreviewed. CVE-2024-13284 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing. This...
High, Unreviewed. CVE-2024-13282 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity (fieldable...
High, Unreviewed. CVE-2024-13276 was published Jan 9, 2025

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')...
High, Unreviewed. CVE-2024-13265 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful...
High, Unreviewed. CVE-2024-13291 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross...
High, Unreviewed. CVE-2024-13260 was published Jan 9, 2025

TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the...
High, Unreviewed. CVE-2024-54887 was published Jan 9, 2025

An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing...
High, Unreviewed. CVE-2025-21598 was published Jan 9, 2025

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web...
High, Unreviewed. CVE-2024-13255 was published Jan 9, 2025

Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege...
High, Unreviewed. CVE-2024-13251 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows...
High, Unreviewed. CVE-2024-13254 was published Jan 9, 2025

Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful...
High, Unreviewed. CVE-2024-13256 was published Jan 9, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows...
High, Unreviewed. CVE-2024-13259 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Drupal Symfony Mailer Lite allows Cross...
High, Unreviewed. CVE-2024-13250 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request...
High, Unreviewed. CVE-2024-13244 was published Jan 9, 2025

Improper Access Control vulnerability in Drupal Open Social allows Collect Data from Common...
High, Unreviewed. CVE-2024-13240 was published Jan 9, 2025

A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver...
High, Unreviewed. CVE-2025-21599 was published Jan 9, 2025

An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks...
High, Unreviewed. CVE-2025-21600 was published Jan 9, 2025

An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol...
High, Unreviewed. CVE-2025-21593 was published Jan 9, 2025

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)...
High, Unreviewed. CVE-2025-21602 was published Jan 9, 2025

ProTip! Advisories are also available from the GraphQL API.