Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and... Moderate Unreviewed
CVE-2025-55014 was published Aug 4, 2025
In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS... Moderate Unreviewed
CVE-2025-49618 was published Jul 3, 2025
In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the... Moderate Unreviewed
CVE-2025-52925 was published Jul 2, 2025
Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking High
CVE-2025-48383 was published for django-select2 (pip) May 27, 2025
neartik ronanboiteau
In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see... Moderate Unreviewed
CVE-2025-32360 was published Apr 5, 2025
XWiki allows unregistered users to access private pages information through REST endpoint High
CVE-2025-29925 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Mar 19, 2025
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS... Moderate Unreviewed
CVE-2025-0502 was published Jan 15, 2025
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to... High Unreviewed
CVE-2024-47146 was published Dec 6, 2024
@electron/packager's build process memory potentially leaked into final executable High
CVE-2024-29900 was published for @electron/packager (npm) Mar 29, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the... Moderate Unreviewed
CVE-2023-6240 was published Feb 4, 2024
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading... Moderate Unreviewed
CVE-2024-0443 was published Jan 12, 2024
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter... Moderate Unreviewed
CVE-2023-7192 was published Jan 2, 2024
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote... High Unreviewed
CVE-2022-3596 was published Sep 20, 2023
Obfuscated email addresses should not be sorted Moderate
CVE-2023-38509 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Jul 27, 2023
XWiki Platform may retrieve email addresses of all users High
CVE-2023-34467 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Jun 20, 2023
floerer
Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the... Moderate Unreviewed
CVE-2017-8442 was published May 13, 2022
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search Critical
CVE-2021-23264 was published for org.craftercms:crafter-search (Maven) Dec 16, 2021
OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure High
CVE-2021-31407 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19 High
GHSA-j9wr-49vq-rm5g was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database