Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,143
Maven
5,000+
npm
5,000+
NuGet
840
pip
4,439
Pub
12
RubyGems
990
Rust
1,174
Swift
50
Unreviewed advisories
All unreviewed
5,000+

13,457 advisories

Loading
HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content... Low Unreviewed
CVE-2025-62328 was published Mar 12, 2026
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a... Low Unreviewed
CVE-2025-9521 was published Jan 26, 2026
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access... Low Unreviewed
CVE-2026-24509 was published Mar 11, 2026
A potential vulnerability was reported in the Lenovo FileZ Android application that, under... Low Unreviewed
CVE-2026-0520 was published Mar 11, 2026
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper... Low Unreviewed
CVE-2026-24508 was published Mar 11, 2026
Anytype Heart's gRPC API client challenge verification can be bypassed on localhost Low
CVE-2026-31863 was published for github.com/anyproto/anytype-cli (Go) Mar 11, 2026
An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02... Low Unreviewed
CVE-2026-1524 was published Mar 11, 2026
Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to... Low Unreviewed
CVE-2026-1497 was published Mar 11, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8... Low Unreviewed
CVE-2025-12704 was published Mar 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18... Low Unreviewed
CVE-2025-12697 was published Mar 11, 2026
Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01... Low Unreviewed
CVE-2026-1471 was published Mar 11, 2026
In Trusted Execution Environment, there is a possible key leak due to side channel information... Low Unreviewed
CVE-2026-0115 was published Mar 10, 2026
Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP... Low Unreviewed
CVE-2025-70330 was published Mar 11, 2026
Craft CMS Vulnerable to Stored XSS via User Group Name in User Permissions Page Low
GHSA-g3hp-vvqf-8vw6 was published for craftcms/cms (Composer) Mar 11, 2026
mHe4am Credited to mHe4am
A command injection vulnerability has been reported to affect several QNAP operating system... Low Unreviewed
CVE-2024-14026 was published Mar 11, 2026
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains... Low Unreviewed
CVE-2024-14025 was published Mar 11, 2026
An improper certificate validation vulnerability has been reported to affect Video Station. If an... Low Unreviewed
CVE-2024-14024 was published Mar 11, 2026
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the... Low Unreviewed
CVE-2026-3884 was published Mar 11, 2026
A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a... Low Unreviewed
CVE-2026-3911 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Low Unreviewed
CVE-2026-21295 was published Mar 11, 2026
Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within... Low Unreviewed
CVE-2025-20073 was published Mar 11, 2026
In VPU, there is a possible use-after-free read due to a race condition. This could lead to local... Low Unreviewed
CVE-2026-0121 was published Mar 10, 2026
Craft Commerce is Vulnerable to Stored XSS while updating Order Status from Orders Table Low
CVE-2026-29173 was published for craftcms/commerce (Composer) Mar 10, 2026
mHe4am Credited to mHe4am
Craft CMS has a potential information disclosure vulnerability in preview tokens Low
CVE-2026-29113 was published for craftcms/cms (Composer) Mar 10, 2026
singetu0096 Credited to singetu0096
Craft Commerce has stored XSS in Craft Commerce Order Details Slideout Low
CVE-2026-29177 was published for craftcms/commerce (Composer) Mar 10, 2026
mHe4am Credited to mHe4am
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database