Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
ingress-nginx controller - configuration injection via unsanitized mirror annotations High
CVE-2025-1098 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
ngress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation High
CVE-2025-1097 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
ingress-nginx controller - configuration injection via unsanitized auth-url annotation High
CVE-2025-24514 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change... High Unreviewed
CVE-2025-0425 was published Feb 18, 2025
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker... High Unreviewed
CVE-2024-11166 was published Jan 22, 2025
Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability... High Unreviewed
CVE-2024-54097 was published Dec 12, 2024
Service Control vulnerabilities allow access to service restart requests and vm configuration... High Unreviewed
CVE-2024-51544 was published Dec 5, 2024
Information Disclosure vulnerabilities allow access to application configuration information. ... High Unreviewed
CVE-2024-51543 was published Dec 5, 2024
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the... High Unreviewed
CVE-2024-50358 was published Nov 26, 2024
Flowise OverrideConfig security vulnerability High
GHSA-5cph-wvm9-45gj was published for flowise (npm) Nov 21, 2024
ryanhalliday
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database... High Unreviewed
CVE-2024-10979 was published Nov 14, 2024
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender... High Unreviewed
CVE-2023-6154 was published Apr 1, 2024
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process... High Unreviewed
CVE-2024-1488 was published Feb 15, 2024
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior... High Unreviewed
CVE-2023-4704 was published Sep 1, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various... High Unreviewed
CVE-2023-3321 was published Jul 24, 2023
Versions 00.07.00 through 00.07.03.4 of Teltonika’s RUT router firmware contain a packet dump... High Unreviewed
CVE-2023-32349 was published Jul 6, 2023
The security module has configuration defects.Successful exploitation of this vulnerability may... High Unreviewed
CVE-2022-41582 was published Oct 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database