GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,598 advisories
in OpenHarmony v5.0.3 and prior versions allow a local attacker to cause DOS through buffer overflow.
Low
Unreviewed
CVE-2025-25052
was published
May 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker to cause DOS through NULL pointer...
Low
Unreviewed
CVE-2025-25218
was published
May 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker to cause DOS through missing release...
Low
Unreviewed
CVE-2025-22886
was published
May 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker to cause DOS through NULL pointer...
Low
Unreviewed
CVE-2025-27241
was published
May 6, 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES ...
Low
Unreviewed
CVE-2025-2545
was published
May 5, 2025
The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings,...
Low
Unreviewed
CVE-2025-3583
was published
May 5, 2025
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service ...
Low
Unreviewed
CVE-2025-47229
was published
May 3, 2025
A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as...
Low
Unreviewed
CVE-2025-4215
was published
May 2, 2025
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form...
Low
Unreviewed
CVE-2025-3513
was published
May 2, 2025
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form...
Low
Unreviewed
CVE-2025-3514
was published
May 2, 2025
The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of...
Low
Unreviewed
CVE-2024-13381
was published
May 1, 2025
The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low
Unreviewed
CVE-2025-3502
was published
May 1, 2025
The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low
Unreviewed
CVE-2025-3504
was published
May 1, 2025
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Low
Unreviewed
CVE-2023-37517
was published
May 1, 2025
Unverified Password Change for ANC software that allows an authenticated attacker to bypass the...
Low
Unreviewed
CVE-2024-47784
was published
Apr 30, 2025
DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on...
Low
Unreviewed
CVE-2025-3301
was published
Apr 29, 2025
The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of...
Low
Unreviewed
CVE-2024-12273
was published
Apr 29, 2025
When a Web User without Create permission on subfolders attempts to upload a file to a non...
Low
Unreviewed
CVE-2025-0049
was published
Apr 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Low
Unreviewed
CVE-2024-12706
was published
Apr 28, 2025
In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL...
Low
Unreviewed
CVE-2025-46614
was published
Apr 28, 2025
DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms.
Low
Unreviewed
CVE-2023-35814
was published
Apr 28, 2025
DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.
Low
Unreviewed
CVE-2023-35816
was published
Apr 28, 2025
DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on...
Low
Unreviewed
CVE-2023-35815
was published
Apr 28, 2025
Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper...
Low
Unreviewed
CVE-2025-23376
was published
Apr 28, 2025
The device’s passwords have not been adequately salted, making them vulnerable to password...
Low
Unreviewed
CVE-2025-32471
was published
Apr 28, 2025
ProTip! Advisories are also available from the GraphQL API.