GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,354
Erlang: 31
GitHub Actions: 22
Go: 2,120
Maven: 5,000+
npm: 3,779
NuGet: 681
pip: 3,460
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
265,116 advisories
When etcupdate encounters conflicts while merging files, it saves a version containing conflict...
Moderate | Unreviewed | CVE-2025-0374 was published Jan 30, 2025

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by...
Critical | Unreviewed | CVE-2022-1736 was published Jan 31, 2025

On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems...
Moderate | Unreviewed | CVE-2025-0373 was published Jan 30, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Moderate | Unreviewed | CVE-2024-56216 was published Dec 31, 2024

Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it...
High | Unreviewed | CVE-2024-12705 was published Jan 30, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-30446 was published Mar 29, 2024

Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024...
Moderate | Unreviewed | CVE-2024-20846 was published Apr 2, 2024

Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape...
High | Unreviewed | CVE-2023-30638 was published Apr 14, 2023

The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode...
Moderate | Unreviewed | CVE-2023-6880 was published Mar 13, 2024

TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to...
High | Unreviewed | CVE-2023-30635 was published Apr 14, 2023

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr...
Moderate | Unreviewed | CVE-2024-20843 was published Apr 2, 2024

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender...
High | Unreviewed | CVE-2023-6154 was published Apr 1, 2024

Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR...
High | Unreviewed | CVE-2024-20844 was published Apr 2, 2024

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-2475 was published Mar 29, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-29115 was published Mar 19, 2024

Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024...
Moderate | Unreviewed | CVE-2024-20842 was published Apr 2, 2024

Missing Authorization vulnerability in Themeisle Multiple Page Generator Plugin – MPG. This issue...
Moderate | Unreviewed | CVE-2024-30235 was published Mar 26, 2024

An integer overflow was found in the __vsyslog_internal function of the glibc library. This...
Moderate | Unreviewed | CVE-2023-6780 was published Jan 31, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-30498 was published Mar 29, 2024

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for...
Moderate | Unreviewed | CVE-2024-0591 was published Mar 13, 2024

Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks...
High | Unreviewed | CVE-2024-23500 was published Mar 28, 2024

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR...
High | Unreviewed | CVE-2024-20849 was published Apr 2, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-30499 was published Mar 29, 2024

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection...
Critical | Unreviewed | CVE-2024-2389 was published Apr 2, 2024

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance...
High | Unreviewed | CVE-2023-30630 was published Apr 13, 2023
ProTip! Advisories are also available from the GraphQL API.