Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,587 advisories

Loading
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity... High Unreviewed
CVE-2025-22386 was published Jan 4, 2025
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... High Unreviewed
CVE-2025-22389 was published Jan 4, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component... High Unreviewed
CVE-2024-35365 was published Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in Currency.php file High
CVE-2024-56409 was published for phpoffice/phpexcel (Composer) Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in the Accounting.php file High
CVE-2024-56366 was published for phpoffice/phpexcel (Composer) Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in the constructor of the Downloader class High
CVE-2024-56365 was published for phpoffice/phpexcel (Composer) Jan 3, 2025
SiYuan has an arbitrary file deletion vulnerability High
CVE-2025-21609 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 3, 2025
N0el4kLs
Karmada PULL Mode Cluster Privilege Escalation High
CVE-2024-56513 was published for github.com/karmada-io/karmada (Go) Jan 3, 2025
zhzhuang-zju RainbowMango
SHIRO-BAKO suidpit TheZ3ro
PhpSpreadsheet allows unauthorized Reflected XSS in `Convert-Online.php` file High
CVE-2024-56408 was published for phpoffice/phpexcel (Composer) Jan 3, 2025
zly123987
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high... High Unreviewed
CVE-2024-9138 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-53833 was published Jan 3, 2025
In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-47032 was published Jan 3, 2025
In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read... High Unreviewed
CVE-2024-53834 was published Jan 3, 2025
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-53837 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out... High Unreviewed
CVE-2024-53838 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due... High Unreviewed
CVE-2024-43767 was published Jan 3, 2025
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed
CVE-2024-43769 was published Jan 3, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43097 was published Jan 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database