GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,331
Erlang: 31
GitHub Actions: 21
Go: 2,093
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242,214 advisories
BigFix Patch Download Plug-ins are affected by a Server-Side Request Forgery (SSRF) vulnerability. ...
Low
Unreviewed
CVE-2024-42182
was published
Jan 23, 2025
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It...
Low
Unreviewed
CVE-2024-42183
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Unknown
Unreviewed
CVE-2024-57721
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain an allocation-size-too-big bug via the component...
Unknown
Unreviewed
CVE-2024-57722
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Unknown
Unreviewed
CVE-2024-57719
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend.
Unknown
Unreviewed
CVE-2024-57720
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Unknown
Unreviewed
CVE-2024-57723
was published
Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site...
Moderate
Unreviewed
CVE-2023-32340
was published
Jan 23, 2025
BigFix Patch Download Plug-ins are affected by a path traversal vulnerability. The application...
Moderate
Unreviewed
CVE-2024-42187
was published
Jan 23, 2025
BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML...
Low
Unreviewed
CVE-2024-42185
was published
Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Unknown
Unreviewed
CVE-2024-57724
was published
Jan 23, 2025
BigFix Patch Download Plug-ins are affected by insecure protocol support. The application can...
Low
Unreviewed
CVE-2024-42186
was published
Jan 23, 2025
BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could...
Low
Unreviewed
CVE-2024-42184
was published
Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross...
Moderate
Unreviewed
CVE-2023-50309
was published
Jan 23, 2025
In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ti-ads1298: Add...
Moderate
Unreviewed
CVE-2024-57944
was published
Jan 21, 2025
An improper restriction of operations within the bounds of a memory buffer in the parameter type...
Moderate
Unreviewed
CVE-2024-38266
was published
Sep 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
net/sctp: Prevent autoclose...
Moderate
Unreviewed
CVE-2024-57938
was published
Jan 21, 2025
OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious...
Moderate
Unreviewed
CVE-2024-48392
was published
Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix the infinite loop...
Moderate
Unreviewed
CVE-2024-57940
was published
Jan 21, 2025
Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed...
Moderate
Unreviewed
CVE-2024-55958
was published
Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved:
btrfs: avoid NULL pointer...
Moderate
Unreviewed
CVE-2025-21658
was published
Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The...
Moderate
Unreviewed
CVE-2024-57545
was published
Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The...
Moderate
Unreviewed
CVE-2024-57544
was published
Jan 21, 2025
The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-12477
was published
Jan 23, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Moderate
Unreviewed
CVE-2025-21540
was published
Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API.