Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
MongoDB Server may allow upsert operations retried within a transaction to violate unique index... Moderate Unreviewed
CVE-2025-10060 was published Sep 5, 2025
Rust XCB `xcb::Connection::connect_to_fd*` functions violate I/O safety Low
GHSA-655h-hg88-5qmf was published for xcb (Rust) Aug 22, 2025
Wasmtime CLI is vulnerable to host panic through its fd_renumber function Low
CVE-2025-53901 was published for wasmtime (Rust) Jul 18, 2025
hatoo rvolosatovs
In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock... Moderate Unreviewed
CVE-2021-47294 was published May 21, 2024
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022)... High Unreviewed
CVE-2023-34326 was published Jan 5, 2024
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of... High Unreviewed
CVE-2025-6031 was published Jun 12, 2025
Suspended Directus user can continue to use session token to access API Low
CVE-2025-30351 was published for @directus/api (npm) Mar 26, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and... High Unreviewed
CVE-2025-31253 was published May 13, 2025
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended... High Unreviewed
CVE-2022-30256 was published Nov 19, 2022
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager. Low Unreviewed
CVE-2025-2517 was published Apr 21, 2025
By using XSL Transforms, a malicious webserver could have served a user an XSL document that... High Unreviewed
CVE-2022-22755 was published Dec 22, 2022
array-init-cursor is unsound when used with types that implement `Drop` Low
GHSA-67r5-rqwv-9p9q was published for array-init-cursor (Rust) Mar 31, 2025
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7... High Unreviewed
CVE-2024-47571 was published Jan 14, 2025
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow... Moderate Unreviewed
CVE-2022-27499 was published Nov 11, 2022
Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A... Moderate Unreviewed
CVE-2025-21117 was published Feb 5, 2025
JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh Low
CVE-2025-22149 was published for github.com/MicahParks/jwkset (Go) Jan 9, 2025
rohitkoul
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid... High Unreviewed
CVE-2021-47069 was published Mar 2, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31894 was published May 22, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31895 was published May 22, 2024
UAF vulnerability in the device node access module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-56434 was published Jan 8, 2025
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31893 was published May 22, 2024
In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct... Moderate Unreviewed
CVE-2024-56674 was published Dec 27, 2024
ZITADEL Allows Unauthorized Access After Organization or Project Deactivation High
CVE-2024-47060 was published for github.com/zitadel/zitadel/v2 (Go) Sep 19, 2024
prdp1137 livio-a
fforootd
In the Linux kernel, the following vulnerability has been resolved: ACPI: battery: Fix possible... Moderate Unreviewed
CVE-2024-49955 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused... Moderate Unreviewed
CVE-2024-49953 was published Oct 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database