GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,356
Erlang: 31
GitHub Actions: 22
Go: 2,120
Maven: 5,000+
npm: 3,782
NuGet: 683
pip: 3,460
Pub: 12
RubyGems: 893
Rust: 892
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114,094 advisories
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the...
Moderate | Unreviewed | CVE-2024-28989 was published Feb 11, 2025

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was...
Moderate | Unreviewed | CVE-2024-52612 was published Feb 11, 2025

In affected versions of Octopus Deploy where customers are using Active Directory for...
Moderate | Unreviewed | CVE-2025-0589 was published Feb 11, 2025

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by...
Moderate | Unreviewed | CVE-2025-1178 was published Feb 11, 2025

Sensitive data could be exposed to non-privileged users in a configuration file. Local access...
Moderate | Unreviewed | CVE-2024-45718 was published Feb 11, 2025

A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected...
Moderate | Unreviewed | CVE-2025-1177 was published Feb 11, 2025

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore...
Moderate | Unreviewed | CVE-2025-1173 was published Feb 11, 2025

Versions of the package hackney from 0.0.0 are vulnerable to Server-side Request Forgery (SSRF)...
Moderate | Unreviewed | CVE-2025-1211 was published Feb 11, 2025

NetVision Information ISOinsight has a Reflected Cross-site Scripting vulnerability, allowing...
Moderate | Unreviewed | CVE-2025-1145 was published Feb 11, 2025

A vulnerability classified as problematic was found in code-projects Real Estate Property...
Moderate | Unreviewed | CVE-2025-1171 was published Feb 11, 2025

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore...
Moderate | Unreviewed | CVE-2025-1172 was published Feb 11, 2025

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as...
Moderate | Unreviewed | CVE-2025-1174 was published Feb 11, 2025

A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2025-1169 was published Feb 11, 2025

A vulnerability classified as problematic has been found in code-projects Real Estate Property...
Moderate | Unreviewed | CVE-2025-1170 was published Feb 11, 2025

A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and...
Moderate | Unreviewed | CVE-2025-1167 was published Feb 11, 2025

A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been...
Moderate | Unreviewed | CVE-2025-1168 was published Feb 11, 2025

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical...
Moderate | Unreviewed | CVE-2025-1166 was published Feb 11, 2025

Due to a missing authorization check, an attacker who is logged in to application can view/...
Moderate | Unreviewed | CVE-2025-25241 was published Feb 11, 2025

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain...
Moderate | Unreviewed | CVE-2025-24872 was published Feb 11, 2025

SAP Commerce (Backoffice) uses the deprecated X-FRAME-OPTIONS header to protect against...
Moderate | Unreviewed | CVE-2025-24874 was published Feb 11, 2025

SAP Commerce, by default, sets certain cookies with the SameSite attribute configured to None...
Moderate | Unreviewed | CVE-2025-24875 was published Feb 11, 2025

SAP BusinessObjects Platform (BI Launchpad) does not sufficiently handle user input, resulting in...
Moderate | Unreviewed | CVE-2025-24867 was published Feb 11, 2025

SAP NetWeaver Server ABAP allows an unauthenticated attacker to exploit a vulnerability that...
Moderate | Unreviewed | CVE-2025-23193 was published Feb 11, 2025

Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an...
Moderate | Unreviewed | CVE-2025-23187 was published Feb 11, 2025

Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an...
Moderate | Unreviewed | CVE-2025-23189 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API.