GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15 advisories
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products...
Moderate, Unreviewed. CVE-2025-20112 was published on May 21, 2025.

Harden-Runner allows evasion of 'disable-sudo' policy
Moderate. CVE-2025-32955 was published for step-security/harden-runner (GitHub Actions) on Apr 22, 2025.

Argo Events users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Critical. CVE-2025-32445 was published for github.com/argoproj/argo-events (Go) on Apr 14, 2025.

OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to...
High, Unreviewed. CVE-2024-4877 was published on Apr 3, 2025.

User interface (UI) misrepresentation of critical information issue exists in multiple Home...
High, Unreviewed. CVE-2024-47045 was published on Sep 26, 2024.

silverstripe/framework Privilege Escalation Risk in Member Edit form
Moderate. GHSA-xpff-c35g-j3cr was published for silverstripe/framework (Composer) on May 27, 2024.

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16...
Moderate, Unreviewed. CVE-2024-1299 was published on Mar 7, 2024.

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2...
Moderate, Unreviewed. CVE-2024-1250 was published on Feb 12, 2024.

Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9.
High, Unreviewed. CVE-2023-5839 was published on Oct 29, 2023.

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read...
Moderate, Unreviewed. CVE-2023-20194 was published on Sep 7, 2023.

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed...
High, Unreviewed. CVE-2023-0971 was published on Jun 21, 2023.

A flaw was found in the Open Cluster Management (OCM) when a user has access to the worker nodes...
Moderate, Unreviewed. CVE-2023-2250 was published on Apr 24, 2023.

privilege chaining in cockpit-hq/cockpit
High. CVE-2023-0759 was published for cockpit-hq/cockpit (Composer) on Feb 9, 2023.

It was discovered that a systemd service that uses DynamicUser property can get new privileges...
High, Unreviewed. CVE-2019-3844 was published on May 24, 2022.

twill is vulnerable to Cross-Site Request Forgery (CSRF)
Moderate. CVE-2021-3932 was published for area17/twill (Composer) on Nov 15, 2021.

ProTip! Advisories are also available from the GraphQL API.