GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
77 advisories
Due to missing input validation, an attacker with high privilege access to ABAP reports could...
High | Unreviewed | CVE-2025-42929 was published Sep 9, 2025

Due to missing input validation, an attacker with high privilege access to ABAP reports could...
High | Unreviewed | CVE-2025-42916 was published Sep 9, 2025

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security...
High | Unreviewed | CVE-2025-20251 was published Aug 14, 2025

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security...
High | Unreviewed | CVE-2025-20244 was published Aug 14, 2025

A security issue exists due to improper handling of CIP Class 32’s request when a module is...
High | Unreviewed | CVE-2025-9041 was published Aug 14, 2025

A security issue exists due to improper handling of CIP Class 32’s request when a module is...
High | Unreviewed | CVE-2025-9042 was published Aug 14, 2025

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary...
Moderate | Unreviewed | CVE-2025-30027 was published Aug 12, 2025

Mattermost Confluence Plugin has Improper Validation of Specified Type of Input
High | CVE-2025-54525 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-40682 was published Jul 23, 2025

Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check
Moderate | CVE-2025-53652 was published for org.jenkins-ci.tools:git-parameter (Maven) Jul 9, 2025

Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message...
Low | Unreviewed | CVE-2025-24335 was published Jul 2, 2025

Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR...
Moderate | Unreviewed | CVE-2025-40910 was published Jun 27, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate | Unreviewed | CVE-2025-25020 was published Jun 3, 2025

Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero...
Moderate | Unreviewed | CVE-2025-40911 was published May 28, 2025

An unauthenticated remote attacker can exploit input validation in cmd services of the devices,...
High | Unreviewed | CVE-2025-41650 was published May 27, 2025

A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2025-20155 was published May 7, 2025

Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements
High | CVE-2025-46342 was published for github.com/kyverno/kyverno (Go) Apr 29, 2025

Mattermost Playbooks fails to properly validate the props used by the RetrospectivePost custom post type
Moderate | CVE-2025-41395 was published for github.com/mattermost/mattermost-plugin-playbooks (Go) Apr 24, 2025

Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass
High | CVE-2025-32442 was published for fastify (npm) Apr 18, 2025

HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially...
Moderate | Unreviewed | CVE-2024-42189 was published Apr 15, 2025

51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
Moderate | Unreviewed | CVE-2024-47261 was published Apr 8, 2025

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52...
Moderate | Unreviewed | CVE-2025-3070 was published Apr 2, 2025

Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering...
Moderate | Unreviewed | CVE-2025-1558 was published Mar 24, 2025

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param...
Moderate | Unreviewed | CVE-2024-47262 was published Mar 4, 2025

Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0
Moderate | CVE-2025-1057 was published for keylime (pip) Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API