GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,358
Composer 4,819
Erlang 36
GitHub Actions 32
Go 2,410
Maven 5,802
npm 4,046
NuGet 723
pip 3,842
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,510

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

183 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when... Moderate Unreviewed

CVE-2025-6429 was published Jun 26, 2025

IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due... Moderate Unreviewed

CVE-2025-25029 was published May 28, 2025

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection... Moderate Unreviewed

CVE-2025-5271 was published May 27, 2025

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows,... Moderate Unreviewed

CVE-2025-3942 was published May 22, 2025

Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar. High Unreviewed

CVE-2021-25254 was published May 21, 2025

Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN... Moderate Unreviewed

CVE-2021-25262 was published May 21, 2025

A vulnerability exists in PX Backup whereby sensitive information may be logged under specific... High Unreviewed

CVE-2025-1308 was published May 20, 2025

Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass... Critical Unreviewed

CVE-2024-56524 was published May 12, 2025

A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows... High Unreviewed

CVE-2025-24338 was published Apr 30, 2025

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker... Moderate Unreviewed

CVE-2025-4084 was published Apr 29, 2025

Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding... Moderate Unreviewed

CVE-2025-23377 was published Apr 28, 2025

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki -... Critical Unreviewed

CVE-2025-32074 was published Apr 11, 2025

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed

CVE-2025-32078 was published Apr 11, 2025

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core ... Moderate Unreviewed

CVE-2025-32072 was published Apr 11, 2025

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon ... Moderate Unreviewed

CVE-2025-30657 was published Apr 9, 2025

An issue was discovered in OpenSlides before 4.2.5. When creating new chats via the chat_group... Low Unreviewed

CVE-2025-30345 was published Mar 21, 2025

Improper encoding or escaping of output vulnerability in the webapi component in Synology... Moderate Unreviewed

CVE-2024-50629 was published Mar 19, 2025

Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology... Critical Unreviewed

CVE-2024-10441 was published Mar 19, 2025

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper... Moderate Unreviewed

CVE-2023-35894 was published Mar 7, 2025

During an address list folding when a separating comma ends up on a folded line and that line is... Low Unreviewed

CVE-2025-1795 was published Feb 28, 2025

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0... High Unreviewed

CVE-2024-12368 was published Feb 25, 2025

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files... Moderate Unreviewed

CVE-2024-49355 was published Feb 20, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed

CVE-2024-56473 was published Feb 6, 2025

Improper Encoding or Escaping of Output vulnerability in Poll Maker Team Poll Maker. This issue... Moderate Unreviewed

CVE-2024-56277 was published Jan 21, 2025

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user... Moderate Unreviewed

CVE-2024-52891 was published Jan 7, 2025

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

183 advisories