GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

69 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists... High Unreviewed

CVE-2025-2875 was published May 14, 2025

There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a... High Unreviewed

CVE-2024-51961 was published Mar 3, 2025

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an... High Unreviewed

CVE-2025-0111 was published Feb 12, 2025

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can... High Unreviewed

CVE-2024-42168 was published Jan 11, 2025

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database... High Unreviewed

CVE-2024-10979 was published Nov 14, 2024

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code... High Unreviewed

CVE-2024-45826 was published Sep 12, 2024

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during... High Unreviewed

CVE-2024-6717 was published Jul 23, 2024

In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a... High Unreviewed

CVE-2024-31319 was published Jul 9, 2024

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender... High Unreviewed

CVE-2023-6154 was published Apr 1, 2024

HashiCorp Nomad vulnerable to symlink attacks High

CVE-2024-1329 was published for github.com/hashicorp/nomad (Go) Feb 8, 2024

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed

CVE-2023-5247 was published Nov 30, 2023

A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed

CVE-2023-39542 was published Nov 27, 2023

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed

CVE-2023-35985 was published Nov 27, 2023

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed

CVE-2023-40194 was published Nov 27, 2023

A file write vulnerability exists in the OAS Engine configuration functionality of Open... High Unreviewed

CVE-2023-32615 was published Sep 5, 2023

Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed

CVE-2022-46869 was published Aug 31, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42733 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42732 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42893 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42891 was published Jul 6, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... High Unreviewed

CVE-2022-42734 was published Jul 6, 2023

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of... High Unreviewed

CVE-2023-3256 was published Jun 22, 2023

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a... High Unreviewed

CVE-2023-21097 was published Apr 19, 2023

An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register... High Unreviewed

CVE-2023-22616 was published Apr 12, 2023

In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a... High Unreviewed

CVE-2023-20964 was published Mar 24, 2023

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

69 advisories