Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,190 advisories

Loading
In vdec, there is a possible permission bypass due to improper input validation. This could lead... Moderate Unreviewed
CVE-2025-20657 was published Apr 7, 2025
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-20660 was published Apr 7, 2025
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful... Moderate Unreviewed
CVE-2024-58115 was published Apr 7, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-58106 was published Apr 7, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-58109 was published Apr 7, 2025
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful... Moderate Unreviewed
CVE-2024-58116 was published Apr 7, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-58108 was published Apr 7, 2025
Vulnerability of improper resource management in the memory management module Impact: Successful... Moderate Unreviewed
CVE-2024-58113 was published Apr 7, 2025
A vulnerability classified as critical was found in Kenj_Frog 肯尼基蛙 company-financial-management... Moderate Unreviewed
CVE-2025-3318 was published Apr 6, 2025
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0 and... Moderate Unreviewed
CVE-2025-3315 was published Apr 6, 2025
A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-3316 was published Apr 6, 2025
A vulnerability classified as problematic has been found in fumiao opencms up to... Moderate Unreviewed
CVE-2025-3317 was published Apr 6, 2025
A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and... Moderate Unreviewed
CVE-2025-3314 was published Apr 6, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon... Moderate Unreviewed
CVE-2025-3312 was published Apr 6, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Men Salon Management... Moderate Unreviewed
CVE-2025-3313 was published Apr 6, 2025
A vulnerability classified as critical was found in PHPGurukul Men Salon Management System 1.0.... Moderate Unreviewed
CVE-2025-3311 was published Apr 6, 2025
Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious content (for... Moderate Unreviewed
CVE-2025-32369 was published Apr 6, 2025
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see... Moderate Unreviewed
CVE-2025-32360 was published Apr 5, 2025
A vulnerability, which was classified as critical, has been found in code-projects Patient Record... Moderate Unreviewed
CVE-2025-3303 was published Apr 5, 2025
Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed
CVE-2024-56370 was published Apr 5, 2025
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to... Moderate Unreviewed
CVE-2025-32357 was published Apr 5, 2025
In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in... Moderate Unreviewed
CVE-2025-32358 was published Apr 5, 2025
The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build... Moderate Unreviewed
CVE-2025-2789 was published Apr 5, 2025
The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2025-0839 was published Apr 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database