Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,522
Maven
5,000+
npm
4,176
NuGet
741
pip
3,965
Pub
12
RubyGems
947
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a... Critical Unreviewed
CVE-2025-54145 was published Aug 19, 2025
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid... Critical Unreviewed
CVE-2025-55031 was published Aug 19, 2025
Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). ... Critical Unreviewed
CVE-2025-50067 was published Jul 15, 2025
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO Critical
GHSA-vp58-j275-797x was published for better-auth (npm) Feb 24, 2025
castilho101
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches Critical
GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025
slubwama mseaton
Portainer before 2.20.0 allows redirects when the target is not index.yaml. Critical Unreviewed
CVE-2024-33661 was published Apr 26, 2024
The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable... Critical Unreviewed
CVE-2022-41559 was published Dec 6, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2... Critical Unreviewed
CVE-2022-28763 was published Nov 1, 2022
Labstack Echo Open Redirect vulnerability Critical
CVE-2022-40083 was published for github.com/labstack/echo/v4 (Go) Sep 29, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2019-6741 was published May 24, 2022
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could... Critical Unreviewed
CVE-2017-8989 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database