Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Loading
A vulnerability was detected in ThingsBoard 4.1. This vulnerability affects unknown code of the... Moderate Unreviewed
CVE-2025-9094 was published Aug 18, 2025
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has... Moderate Unreviewed
CVE-2025-6761 was published Jun 27, 2025
pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function Low
CVE-2025-6518 was published for pyspur (pip) Jun 23, 2025
AngularJS Incomplete Filtering of Special Elements vulnerability Moderate
CVE-2025-2336 was published for angular-sanitize (npm) Jun 4, 2025
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower... Critical Unreviewed
CVE-2025-0324 was published Jun 2, 2025
A vulnerability has been found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform... Moderate Unreviewed
CVE-2025-5325 was published May 29, 2025
AngularJS improperly sanitizes SVG elements Low
CVE-2025-0716 was published for angular (npm) Apr 29, 2025
A vulnerability, which was classified as problematic, was found in wix-incubator jam up to... Moderate Unreviewed
CVE-2025-3841 was published Apr 21, 2025
An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R... High Unreviewed
CVE-2024-45481 was published Mar 25, 2025
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected... Moderate Unreviewed
CVE-2025-2040 was published Mar 6, 2025
An unauthenticated attacker can create a malicious link which they can make publicly available.... High Unreviewed
CVE-2024-47590 was published Nov 12, 2024
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8373 was published for angular (npm) Sep 9, 2024
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5... High Unreviewed
CVE-2024-39283 was published Aug 14, 2024
PrivateBin allows shortening of URLs for other domains Moderate
CVE-2024-39899 was published for privatebin/privatebin (Composer) Jul 10, 2024
nbxiglk0
CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion. Moderate Unreviewed
CVE-2024-32162 was published Apr 17, 2024
The XAO::Web module before 1.84 for Perl mishandles < and > characters in JSON output during use... Moderate Unreviewed
CVE-2020-36827 was published Mar 24, 2024
An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering... High Unreviewed
CVE-2023-31172 was published Aug 31, 2023
A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0... Moderate Unreviewed
CVE-2023-1076 was published Mar 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database