GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
16 advisories
A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may...
Critical | Unreviewed | CVE-2019-9535 was published May 24, 2022

A flaw was found in the Linux kernel's SELinux LSM hook implementation before version 5.7, where...
Low | Unreviewed | CVE-2020-10751 was published May 24, 2022

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
Moderate | Unreviewed | CVE-2023-3749 was published Aug 3, 2023

A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
High | Unreviewed | CVE-2023-44317 was published Nov 14, 2023

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode...
Moderate | Unreviewed | CVE-2023-51655 was published Dec 21, 2023

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5...
Moderate | Unreviewed | CVE-2024-3367 was published Apr 16, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low | Unreviewed | CVE-2024-21094 was published Apr 17, 2024

Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4...
High | Unreviewed | CVE-2024-41924 was published Jul 30, 2024

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack...
Moderate | Unreviewed | CVE-2024-27185 was published Aug 20, 2024

In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via...
Moderate | Unreviewed | CVE-2024-52555 was published Nov 15, 2024

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a...
High | Unreviewed | CVE-2025-29816 was published Apr 8, 2025

Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized...
High | Unreviewed | CVE-2025-29842 was published May 13, 2025

A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated,...
Moderate | Unreviewed | CVE-2025-20255 was published May 21, 2025

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an...
Moderate | Unreviewed | CVE-2025-48804 was published Jul 8, 2025

A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be...
High | Unreviewed | CVE-2025-40776 was published Jul 16, 2025

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in...
High | Unreviewed | CVE-2025-5994 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API.