Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,931 advisories

Loading
A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance... Moderate Unreviewed
CVE-2024-12927 was published Dec 26, 2024
A missing authorization vulnerability in the retrieve teacher Information function of Wisdom... Moderate Unreviewed
CVE-2025-31338 was published Apr 17, 2025
An unrestricted upload of file with dangerous type vulnerability in the course management... Moderate Unreviewed
CVE-2025-31339 was published Apr 17, 2025
A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0. This... Moderate Unreviewed
CVE-2024-12935 was published Dec 26, 2024
Overview   The software does not neutralize or incorrectly neutralize user-controllable... Moderate Unreviewed
CVE-2025-0757 was published Apr 17, 2025
Overview   The product uses external input to construct a pathname that should be within a... Moderate Unreviewed
CVE-2025-24908 was published Apr 17, 2025
Overview   The software does not neutralize or incorrectly neutralize user-controllable... Moderate Unreviewed
CVE-2025-24909 was published Apr 17, 2025
Overview  The product specifies permissions for a security-critical resource in a way that... Moderate Unreviewed
CVE-2025-0758 was published Apr 17, 2025
Overview   XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed
CVE-2025-24910 was published Apr 17, 2025
Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use... Moderate Unreviewed
CVE-2025-43704 was published Apr 17, 2025
Overview   XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed
CVE-2025-24911 was published Apr 17, 2025
An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in... Moderate Unreviewed
CVE-2025-43703 was published Apr 17, 2025
Overview   The product uses external input to construct a pathname that should be within a... Moderate Unreviewed
CVE-2025-24907 was published Apr 17, 2025
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serverName2. Moderate Unreviewed
CVE-2025-25458 was published Apr 16, 2025
RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the... Moderate Unreviewed
CVE-2025-22911 was published Apr 16, 2025
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to... Moderate Unreviewed
CVE-2024-53304 was published Apr 16, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload... Moderate Unreviewed
CVE-2024-40070 was published Apr 16, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection... Moderate Unreviewed
CVE-2024-40068 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-3733 was published Apr 16, 2025
An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass... Moderate Unreviewed
CVE-2024-44843 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2025-21584 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30682 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-30695 was published Apr 15, 2025
Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected... Moderate Unreviewed
CVE-2025-21578 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21585 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database