Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5 advisories

Loading
An attacker can upload an arbitrary file instead of a plant image. Critical Unreviewed
CVE-2025-30510 was published Apr 16, 2025
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload... Moderate Unreviewed
CVE-2024-45676 was published Dec 3, 2024
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed
CVE-2023-38831 was published Aug 23, 2023
When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed
CVE-2024-4769 was published May 14, 2024
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto... High Unreviewed
CVE-2023-2866 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database