Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

386 advisories

Loading
When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import")... Low Unreviewed
CVE-2024-5899 was published Jun 18, 2024
OpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a... Low Unreviewed
CVE-2025-8662 was published Sep 3, 2025
Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an... Low Unreviewed
CVE-2025-32004 was published Aug 12, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. Low Unreviewed
CVE-2025-25212 was published Aug 11, 2025
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This... Low Unreviewed
CVE-2025-8708 was published Aug 8, 2025
CIRCL-Fourq: Missing and wrong validation can lead to incorrect results Low
CVE-2025-8556 was published for github.com/cloudflare/circl (Go) Jun 10, 2025
Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page Low
CVE-2025-8573 was published for concrete5/concrete5 (Composer) Aug 6, 2025
When passing values outside of the expected range to QColorTransferGenericFunction it can cause a... Low Unreviewed
CVE-2025-5992 was published Jul 11, 2025
Upsonic has vulnerability in Pickle Handler component that can lead to deserialization Low
CVE-2025-6279 was published for upsonic (pip) Jun 19, 2025
Transformers's Improper Input Validation vulnerability can be exploited through username injection Low
CVE-2025-3777 was published for transformers (pip) Jul 7, 2025
A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This... Low Unreviewed
CVE-2025-7060 was published Jul 4, 2025
The issue was addressed with improved validation of environment variables. This issue is fixed in... Low Unreviewed
CVE-2023-40394 was published Jan 11, 2024
Grafana long dashboard title or panel name causes unresponsives Low
CVE-2025-1088 was published for github.com/grafana/grafana (Go) Jun 18, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2025-47096 was published Jun 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2025-27242 was published Jun 8, 2025
anon-vec lacks sufficient checks in public API Low
GHSA-pr59-jjr4-gcf6 was published for anon-vec (Rust) Jun 5, 2025
Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not... Low Unreviewed
CVE-2020-16237 was published May 24, 2022
Spring Framework DataBinder Case Sensitive Match Exception Low
CVE-2025-22233 was published for org.springframework:spring-context (Maven) May 16, 2025
ryanmurf
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed
CVE-2025-4762 was published May 15, 2025
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a... Low Unreviewed
CVE-2017-8933 was published May 17, 2022
Insufficient validation of filenames against control characters in Apache Subversion repositories... Low Unreviewed
CVE-2024-46901 was published Dec 9, 2024
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating... Low Unreviewed
CVE-2016-6224 was published May 17, 2022
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous... Low Unreviewed
CVE-2015-6563 was published May 14, 2022
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60... Low Unreviewed
CVE-2015-3245 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database