GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
111,588 advisories
go-git clients vulnerable to DoS via maliciously crafted Git server replies
High | CVE-2025-21614 was published for github.com/go-git/go-git (Go) | Jan 6, 2025

Extension:TabberNeue vulnerable to Cross-site Scripting
High | CVE-2025-21612 was published for starcitizentools/tabber-neue (Composer) | Jan 6, 2025

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private...
High | Unreviewed | CVE-2024-8474 was published | Jan 6, 2025

Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM...
High | Unreviewed | CVE-2024-45550 was published | Jan 6, 2025

Memory corruption while processing IOCTL call invoked from user-space to verify non extension...
High | Unreviewed | CVE-2024-45547 was published | Jan 6, 2025

Memory corruption can occur when process-specific maps are added to the global list. If a map is...
High | Unreviewed | CVE-2024-45553 was published | Jan 6, 2025

Memory corruption when IOCTL call is invoked from user-space to read board data.
High | Unreviewed | CVE-2024-45541 was published | Jan 6, 2025

Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot...
High | Unreviewed | CVE-2024-45555 was published | Jan 6, 2025

Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL...
High | Unreviewed | CVE-2024-45548 was published | Jan 6, 2025

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the...
High | Unreviewed | CVE-2024-45558 was published | Jan 6, 2025

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
High | Unreviewed | CVE-2024-45546 was published | Jan 6, 2025

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
High | Unreviewed | CVE-2024-45542 was published | Jan 6, 2025

Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access...
High | Unreviewed | CVE-2024-43064 was published | Jan 6, 2025

Memory corruption while processing IPA statistics, when there are no active clients registered.
High | Unreviewed | CVE-2024-21464 was published | Jan 6, 2025

In wlan STA driver, there is a possible out of bounds write due to improper input validation....
High | Unreviewed | CVE-2024-20146 was published | Jan 6, 2025

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial...
High | Unreviewed | CVE-2024-20150 was published | Jan 6, 2025

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead...
High | Unreviewed | CVE-2024-20154 was published | Jan 6, 2025

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID....
High | Unreviewed | CVE-2024-20153 was published | Jan 6, 2025

In Modem, there is a possible system crash due to improper input validation. This could lead to...
High | Unreviewed | CVE-2024-20149 was published | Jan 6, 2025

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object...
High | Unreviewed | CVE-2024-10957 was published | Jan 4, 2025

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote...
High | Unreviewed | CVE-2024-41766 was published | Jan 4, 2025

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL...
High | Unreviewed | CVE-2024-41767 was published | Jan 4, 2025

The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions...
High | Unreviewed | CVE-2024-10932 was published | Jan 4, 2025

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity...
High | Unreviewed | CVE-2025-22387 was published | Jan 4, 2025

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity...
High | Unreviewed | CVE-2025-22384 was published | Jan 4, 2025
ProTip! Advisories are also available from the GraphQL API.