Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

46 advisories

Loading
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote... High Unreviewed
CVE-2014-0758 was published May 17, 2022
filebrowser Allows Shell Commands to Spawn Other Commands High
CVE-2025-52903 was published for github.com/filebrowser/filebrowser (Go) Jun 27, 2025
mtausig hacdias
A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an... High Unreviewed
CVE-2025-37097 was published Jul 1, 2025
WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-5748 was published Jun 6, 2025
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery High
CVE-2024-55924 was published for typo3/cms-scheduler (Composer) Jan 14, 2025
shm0sby rosegabe
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery High
CVE-2024-55921 was published for typo3/cms-extensionmanager (Composer) Jan 14, 2025
Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead... High Unreviewed
CVE-2016-9469 was published May 13, 2022
Cryptographic issues while generating an asymmetric key pair for RKP use cases. High Unreviewed
CVE-2024-43065 was published Apr 7, 2025
REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only... High Unreviewed
CVE-2021-33639 was published Mar 9, 2023
Exposed Dangerous Method or Function vulnerability in PTT Inc. HGS Mobile App allows Manipulating... High Unreviewed
CVE-2024-12651 was published Feb 14, 2025
Improper Input Validation in Apache Struts High
CVE-2006-1547 was published for struts:struts (Maven) May 1, 2022
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape High
CVE-2025-24359 was published for asteval (pip) Jan 24, 2025
SteakEnthusiast
ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape High
GHSA-vp47-9734-prjw was published for asteval (pip) Jan 23, 2025
SteakEnthusiast
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37365 was published Mar 29, 2023
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability... High Unreviewed
CVE-2023-39470 was published Nov 22, 2024
Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by... High Unreviewed
CVE-2024-47005 was published Oct 25, 2024
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-35209 was published Jun 11, 2024
Local Privilege Escalation in MSI-Installer in baramundi Management Agent v23.1.172.0 on Windows... High Unreviewed
CVE-2024-6689 was published Jul 15, 2024
parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an... High Unreviewed
CVE-2024-1873 was published Jun 6, 2024
Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution... High Unreviewed
CVE-2023-51584 was published May 3, 2024
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation... High Unreviewed
CVE-2023-51577 was published May 3, 2024
NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function... High Unreviewed
CVE-2023-38101 was published May 3, 2024
Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure... High Unreviewed
CVE-2023-42032 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database