Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,730
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

228 advisories

Loading
PrinterShare Android application allows the capture of Gmail authentication tokens that can be... Critical Unreviewed
CVE-2025-5098 was published May 23, 2025
The issue was addressed with improved restriction of data container access. This issue is fixed... Critical Unreviewed
CVE-2025-31183 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30426 was published Apr 1, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-30424 was published Apr 1, 2025
This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5... Critical Unreviewed
CVE-2025-24279 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24253 was published Apr 1, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24278 was published Apr 1, 2025
A privacy issue was addressed by moving sensitive data to a protected location. This issue is... Critical Unreviewed
CVE-2025-24263 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24242 was published Apr 1, 2025
This issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24250 was published Apr 1, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24246 was published Apr 1, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24239 was published Apr 1, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24232 was published Apr 1, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app... Critical Unreviewed
CVE-2025-24204 was published Apr 1, 2025
The issue was addressed with improved handling of protocols. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2024-40864 was published Apr 1, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27675 was published Mar 5, 2025
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Critical
GHSA-vjh7-7g9h-fjfh was published for elliptic (npm) Feb 12, 2025
ChALkeR jprichardson
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext Critical
CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) Jan 31, 2025
hboutemy yusuke-koyoshi
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24174 was published Jan 28, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Critical Unreviewed
CVE-2025-24146 was published Jan 28, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24109 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia... Critical Unreviewed
CVE-2025-24102 was published Jan 28, 2025
An issue was identified in Fleet Server where Fleet policies that could contain sensitive... Critical Unreviewed
CVE-2024-52975 was published Jan 23, 2025
http4k has a potential XXE (XML External Entity Injection) vulnerability Critical
CVE-2024-55875 was published for org.http4k:http4k-format-xml (Maven) Dec 12, 2024
JAckLosingHeart
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3501 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database