Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
TYPO3 Allows Unrestricted File Upload in File Abstraction Layer Moderate
CVE-2025-47939 was published for typo3/cms-core (Composer) May 20, 2025
0xHamy ohader
An attacker can upload an arbitrary file instead of a plant image. Critical Unreviewed
CVE-2025-30510 was published Apr 16, 2025
Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution Low
CVE-2025-22151 was published for strawberry-graphql (pip) Jan 9, 2025
jamietdavidson bellini666
patrick91
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload... Moderate Unreviewed
CVE-2024-45676 was published Dec 3, 2024
When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed
CVE-2024-4769 was published May 14, 2024
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed
CVE-2023-38831 was published Aug 23, 2023
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto... High Unreviewed
CVE-2023-2866 was published Jun 7, 2023
Improper type usage in rusqlite Critical
CVE-2020-35872 was published for rusqlite (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database