Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,300
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,574 advisories

Loading
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks... Low Unreviewed
CVE-2025-48708 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a... Low Unreviewed
CVE-2023-47466 was published May 22, 2025
Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse... Low Unreviewed
CVE-2025-48009 was published May 21, 2025
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical.... Low Unreviewed
CVE-2025-5030 was published May 21, 2025
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized... Low Unreviewed
CVE-2025-1420 was published May 21, 2025
Data provided in a request performed to the server while activating a new device are put in a... Low Unreviewed
CVE-2025-1421 was published May 21, 2025
Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high... Low Unreviewed
CVE-2025-1419 was published May 21, 2025
Failed login response could be different depending on whether the username was local or central. Low Unreviewed
CVE-2025-48015 was published May 20, 2025
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME... Low Unreviewed
CVE-2025-4945 was published May 19, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3... Low Unreviewed
CVE-2025-31185 was published May 19, 2025
a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with... Low Unreviewed
CVE-2025-41429 was published May 19, 2025
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in ... Low Unreviewed
CVE-2025-23165 was published May 19, 2025
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in ... Low Unreviewed
CVE-2025-23122 was published May 19, 2025
O2 UK through 2025-05-17 allows subscribers to determine the Cell ID of other subscribers by... Low Unreviewed
CVE-2025-48219 was published May 18, 2025
A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as... Low Unreviewed
CVE-2025-4839 was published May 18, 2025
A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an... Low Unreviewed
CVE-2025-4819 was published May 17, 2025
libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data... Low Unreviewed
CVE-2025-48188 was published May 16, 2025
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured... Low Unreviewed
CVE-2025-22233 was published May 16, 2025
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By... Low Unreviewed
CVE-2025-40631 was published May 16, 2025
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability... Low Unreviewed
CVE-2025-40632 was published May 16, 2025
The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not... Low Unreviewed
CVE-2024-11140 was published May 15, 2025
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the... Low Unreviewed
CVE-2024-10098 was published May 15, 2025
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed
CVE-2025-4762 was published May 15, 2025
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager... Low Unreviewed
CVE-2025-27525 was published May 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database