Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,328
Maven
5,000+
npm
3,965
NuGet
712
pip
3,745
Pub
12
RubyGems
921
Rust
974
Swift
38
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
Dpanel's hard-coded JWT secret leads to remote code execution Critical
CVE-2025-30206 was published for github.com/donknap/dpanel (Go) Apr 15, 2025
NS-Sp4ce
A vulnerability was found in GNOME libgsf up to 1.14.53 and classified as problematic. Affected... Moderate Unreviewed
CVE-2025-2720 was published Mar 25, 2025
Windows Remote Desktop Services Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49120 was published Dec 12, 2024
there is a possible arbitrary read due to an insecure default value. This could lead to local... Moderate Unreviewed
CVE-2024-44096 was published Sep 13, 2024
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to... High Unreviewed
CVE-2024-34734 was published Aug 16, 2024
Filestash configured to skip TLS certificate verification when using the FTPS protocol High
CVE-2024-41255 was published for github.com/mickael-kerjean/filestash (Go) Jul 31, 2024
fgr Vulnerable to Insecure Default Variable Initialization Low
GHSA-879p-8gw4-mcpw was published for fgr (pip) Mar 15, 2024
dan1hc
Skype for Consumer Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21411 was published Mar 12, 2024
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther... High Unreviewed
CVE-2023-27516 was published Oct 12, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47195 was published Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47194 was published Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47196 was published Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47197 was published Jan 19, 2023
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed
CVE-2022-3262 was published Dec 8, 2022
A vulnerability classified as problematic has been found in Linux Kernel. This affects the... Moderate Unreviewed
CVE-2022-3642 was published Oct 21, 2022
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
CORS misconfiguration in socket.io Moderate
CVE-2020-28481 was published for socket.io (npm) Jan 20, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database