GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,318
Maven: 5,000+
npm: 3,950
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
107,981 advisories
Drupal core contains a potential PHP Object Injection vulnerability
High | CVE-2024-55638 was published for drupal/core (Composer) Dec 10, 2024
Drupal core contains a potential PHP Object Injection vulnerability
High | CVE-2024-55637 was published for drupal/core (Composer) Dec 10, 2024
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters
High | CVE-2024-28123 was published for wasmi (Rust) Mar 7, 2024
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ...
High | Unreviewed | CVE-2023-49739 was published Dec 14, 2023
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and...
High | Unreviewed | CVE-2024-21888 was published Jan 31, 2024
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a...
High | Unreviewed | CVE-2024-22022 was published Feb 7, 2024
HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability. A...
High | Unreviewed | CVE-2023-50342 was published Jan 3, 2024
A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical....
High | Unreviewed | CVE-2025-5527 was published Jun 3, 2025
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 1080, 2100, 1280...
High | Unreviewed | CVE-2025-23102 was published Jun 3, 2025
Allows the extraction filter to be ignored, allowing symlink targets to point outside the...
High | Unreviewed | CVE-2025-4330 was published Jun 3, 2025
Allows the extraction filter to be ignored, allowing symlink targets to point outside the...
High | Unreviewed | CVE-2025-4138 was published Jun 3, 2025
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that...
High | Unreviewed | CVE-2025-4435 was published Jun 3, 2025
A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16....
High | Unreviewed | CVE-2025-5180 was published May 26, 2025
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length...
High | Unreviewed | CVE-2025-23107 was published Jun 3, 2025
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length...
High | Unreviewed | CVE-2025-23103 was published Jun 3, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0...
High | Unreviewed | CVE-2025-25021 was published Jun 3, 2025
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0....
High | Unreviewed | CVE-2025-45542 was published Jun 2, 2025
A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by...
High | Unreviewed | CVE-2025-5156 was published May 26, 2025
A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this...
High | Unreviewed | CVE-2025-4841 was published May 18, 2025
The number identification module has a path traversal vulnerability. Successful exploitation of...
High | Unreviewed | CVE-2022-39001 was published Sep 17, 2022
kangax html-minifier REDoS vulnerability
High | CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
Wildfly Elytron integration susceptible to brute force attacks via CLI
High | CVE-2025-23368 was published for org.wildfly.core:wildfly-elytron-integration (Maven) Mar 4, 2025
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote...
High | Unreviewed | CVE-2025-5419 was published Jun 3, 2025
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2024-27344 was published Apr 3, 2024
Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2024-27337 was published Apr 3, 2024
ProTip! Advisories are also available from the GraphQL API.