GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,359
Erlang: 33
GitHub Actions: 22
Go: 2,126
Maven: 5,000+
npm: 3,787
NuGet: 683
pip: 3,467
Pub: 12
RubyGems: 894
Rust: 892
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
95,956 advisories
An attacker may inject commands via specially-crafted post requests.
High
Unreviewed
CVE-2025-24861
was published
Feb 14, 2025
The Mojave Inverter uses the GET method for sensitive information.
High
Unreviewed
CVE-2025-26473
was published
Feb 14, 2025
An attacker may modify the URL to discover sensitive information about the target network.
High
Unreviewed
CVE-2025-25281
was published
Feb 14, 2025
Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(),...
High
Unreviewed
CVE-2025-1094
was published
Feb 13, 2025
Directory Traversal vulnerability in yeqifu carRental v.1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-51376
was published
Feb 13, 2025
An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal,...
High
Unreviewed
CVE-2024-34520
was published
Feb 13, 2025
Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator...
High
Unreviewed
CVE-2023-0670
was published
Apr 5, 2023
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Lexmark...
High
Unreviewed
CVE-2024-11346
was published
Feb 13, 2025
Integer Overflow or Wraparound vulnerability in Lexmark International CX, XC, CS, et al. ...
High
Unreviewed
CVE-2024-11347
was published
Feb 13, 2025
A heap-based memory vulnerability has been identified in the Postscript interpreter in various...
High
Unreviewed
CVE-2024-11345
was published
Feb 13, 2025
A type confusion vulnerability has been identified in the Postscript interpreter in various...
High
Unreviewed
CVE-2024-11344
was published
Feb 13, 2025
When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are...
High
Unreviewed
CVE-2024-25581
was published
May 14, 2024
This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data...
High
Unreviewed
CVE-2024-21686
was published
Jul 16, 2024
Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length...
High
Unreviewed
CVE-2025-25522
was published
Feb 11, 2025
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
High
Unreviewed
CVE-2024-1351
was published
Mar 7, 2024
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The...
High
Unreviewed
CVE-2024-20953
was published
Feb 17, 2024
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows...
High
Unreviewed
CVE-2024-23452
was published
Feb 8, 2024
EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS...
High
Unreviewed
CVE-2023-45234
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling...
High
Unreviewed
CVE-2023-45235
was published
Jan 16, 2024
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown...
High
Unreviewed
CVE-2023-45232
was published
Jan 16, 2024
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing a PadN option...
High
Unreviewed
CVE-2023-45233
was published
Jan 16, 2024
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation...
High
Unreviewed
CVE-2023-6185
was published
Dec 11, 2023
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system...
High
Unreviewed
CVE-2023-6931
was published
Dec 19, 2023
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to...
High
Unreviewed
CVE-2023-6932
was published
Dec 19, 2023
Insufficient macro permission validation of The Document Foundation LibreOffice allows an...
High
Unreviewed
CVE-2023-6186
was published
Dec 11, 2023
ProTip! Advisories are also available from the GraphQL API.